[Cryptography] IPsec DH parameters, other flaws
Paul Wouters
paul at cypherpunks.ca
Mon Jul 20 15:05:47 EDT 2020
On Sun, 12 Jul 2020, Ben Laurie wrote:
> On Tue, 7 Jul 2020 at 05:15, Paul Wouters <paul at cypherpunks.ca> wrote:
> And if it makes you feel better, once I investigated the history and
> lack of justification of RFC 5114, which Steve Kent admitted to having
> just forwarded from NSA/BNN to IETF without explanation, I pushed to
> kill the whole thing. It's now dead.
>
> Not noticeably: https://tools.ietf.org/html/rfc5114
What were you hoping to see there? A historic status? I'm afraid a lot
more time would need to pass for the IESG to do that. But anyone can ask
them to, you don't need to write an RFC for it.
Note, when I said "It is now dead", I meant for IKE/IPsec. I don't think
TLS ever saw much use either, but I simply don't know if it is in use
there or not.
Paul
More information about the cryptography
mailing list