questions on RFC2631 and DH key agreement
' =JeffH '
Jeff.Hodges at KingsMountain.com
Mon Feb 4 13:02:34 EST 2008
Ok thanks, I'm going to risk pedanticism in order to nail things down a bit
more rigorously..
' =JeffH ' <Jeff.Hodges at KingsMountain.com> writes:
>>docbook.xml at gmail.com said:
>> http://www.xml-dev.com/blog/index.php?action=viewtopic&id=196
>>
>>thanks, but that doesn't actually answer my first question. It only documents
>>that a and b (alice and bob) arrive at the ZZ value independently. My
question
>>is actually concerning section 2.1.2 "Generation of Keying Material" in
>>RFC2631.
pgut001 at cs.auckland.ac.nz said:
> I'm going to approach the answer somewhat differently: Why are you using
> this mechanism?
Are you referring to the above mentioned mechanism of arriving at the ZZ value
independently, which is implied in RFC2631?
(btw, I am not myself designing anything at this time that uses DH, I'm
reviewing/analyzing. I am _not_ reviewing RFC2630/2631 themselves, rather it's
a (non-IETF) spec that references 2631)
> The only reason that it's present in the spec is politics,
> it being an attempt to avoid the RSA patent.
So by "the spec" you're referring to RFC2631 here?
Or are you referring to X9.42?
Or something else?
> Its adoption was severely
> hampered by the fact that US vendors already had RSA licenses, non-US vendors
> didn't care (and in any case the patent has now expired, so they care even
> less), no CA's of note will issue X9.42 certificates, and even if they did
> almost no S/MIME implementations support it.
<snippage/>
So here, and in the snippage, are you referring to X9.42 itself, or CMS
(Cryptographic Message Syntax) ?
> A few years after the expiry of the RSA patent, the matter was corrected by
> changing the standard so that vendors were no longer required to even pretend
> to support X9.42. My comments at the time were:
Exactly which "standard" ? From grepping all RFCs, it seems you're referring
to CMS when you say "the standard", which has indeed been revised a few times
since RFC2630.
thanks,
=JeffH
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list