- From: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
- Date: Fri, 22 May 2015 12:14:44 +0300
- To: Amos Jeffries <squid3@treenet.co.nz>
- Cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
On Fri, May 22, 2015 at 08:48:58PM +1200, Amos Jeffries wrote: > > The end of Section 4.2 states: > > " > Specifications that rely on an Diffie-Hellman exchange for > determining input keying material MUST either specify the parameters > for Diffie-Hellman (group parameters, or curves and point format) > that are used, or describe how those parameters are negotiated > between sender and receiver. > " > > As has been seen with IKEv1. Having a specification determine explicit > parameters leads directly to it becoming vulnerable when that parameter > group is broken. see <https://weakdh.org/> > > I believe that should be changed to remove the requirement to specify an > exact group. It would make more sense to me if group parameters/curves and point formats were properties of the key. It seems to me that using the same key with multiple parameters/curves is asking for trouble. -Ilari
Received on Friday, 22 May 2015 09:15:11 UTC