| draft-ietf-ipsecme-eddsa-01.txt | draft-ietf-ipsecme-eddsa-02.txt | |||
|---|---|---|---|---|
| IPSecME Working Group Y. Nir | IPSecME Working Group Y. Nir | |||
| Internet-Draft Check Point | Internet-Draft Check Point | |||
| Intended status: Standards Track March 12, 2017 | Intended status: Standards Track April 5, 2017 | |||
| Expires: September 13, 2017 | Expires: October 7, 2017 | |||
| Using Edwards-curve Digital Signature Algorithm (EdDSA) in the Internet | Using Edwards-curve Digital Signature Algorithm (EdDSA) in the Internet | |||
| Key Exchange (IKEv2) | Key Exchange (IKEv2) | |||
| draft-ietf-ipsecme-eddsa-01 | draft-ietf-ipsecme-eddsa-02 | |||
| Abstract | Abstract | |||
| This document describes the use of the Edwards-curve digital | This document describes the use of the Edwards-curve digital | |||
| signature algorithm in the IKEv2 protocol. | signature algorithm in the IKEv2 protocol. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| skipping to change at page 1, line 32 ¶ | skipping to change at page 1, line 32 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on September 13, 2017. | This Internet-Draft will expire on October 7, 2017. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2017 IETF Trust and the persons identified as the | Copyright (c) 2017 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 3, line 13 ¶ | skipping to change at page 3, line 13 ¶ | |||
| one that indicates that no hashing is performed. | one that indicates that no hashing is performed. | |||
| 1.1. Conventions Used in This Document | 1.1. Conventions Used in This Document | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | |||
| document are to be interpreted as described in [RFC2119]. | document are to be interpreted as described in [RFC2119]. | |||
| 2. The "Identity" Hash Identifier | 2. The "Identity" Hash Identifier | |||
| This document defines a new value called "Identity" (value TBA by | This document defines a new value called "Identity" (value is 5) in | |||
| IANA) in the hash algorithm registry for use in the | the hash algorithm registry for use in the SIGNATURE_HASH_ALGORITHMS | |||
| SIGNATURE_HASH_ALGORITHMS notification. Inserting this new value | notification. Inserting this new value into the notification | |||
| into the notification indicates that the receiver supports at least | indicates that the receiver supports at least one signature algorithm | |||
| one signature algorithm that accepts arbitrary-sized messages such as | that accepts arbitrary-sized messages such as Ed25519 and Ed448. | |||
| Ed25519 and Ed448. | ||||
| Ed25519 and Ed448 are only defined with the Identity hash, and MUST | Ed25519 and Ed448 are only defined with the Identity hash, and MUST | |||
| NOT be sent to a receiver that has not indicated support for the | NOT be sent to a receiver that has not indicated support for the | |||
| "Identity" hash. | "Identity" hash. | |||
| The pre-hashed versions of Ed25519 and Ed448 (Ed25519ph and Ed448ph | The pre-hashed versions of Ed25519 and Ed448 (Ed25519ph and Ed448ph | |||
| respectively) SHOULD NOT be used in IKE. | respectively) SHOULD NOT be used in IKE. | |||
| 3. Security Considerations | 3. Security Considerations | |||
| skipping to change at page 3, line 41 ¶ | skipping to change at page 3, line 40 ¶ | |||
| supported algorithms has this property. On the other hand there is | supported algorithms has this property. On the other hand there is | |||
| no good reason to pre-hash the inputs where the signature algorithm | no good reason to pre-hash the inputs where the signature algorithm | |||
| either does not require it or performs a hash internally. For this | either does not require it or performs a hash internally. For this | |||
| reason implementations SHOULD have the "Identity" value in the | reason implementations SHOULD have the "Identity" value in the | |||
| SIGNATURE_HASH_ALGORITHMS notification when they support EdDSA. | SIGNATURE_HASH_ALGORITHMS notification when they support EdDSA. | |||
| Implementations SHOULD NOT have other hash algorithms in the | Implementations SHOULD NOT have other hash algorithms in the | |||
| notification if all signature algorithms have this property. | notification if all signature algorithms have this property. | |||
| 4. IANA Considerations | 4. IANA Considerations | |||
| IANA is requested to assign a new value from the "IKEv2 Hash | IANA has assigned the value 5 for the algorithm with the name | |||
| Algorithms" registry with name "Identity" and this document as | "Identity" in the "IKEv2 Hash Algorithms" registry with this draft as | |||
| reference. | reference. | |||
| Upon publication of this document IANA is requested to update the | ||||
| entry with this document as reference. | ||||
| 5. Normative References | 5. Normative References | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <http://www.rfc-editor.org/info/rfc2119>. | <http://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC7296] Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., and T. | [RFC7296] Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., and T. | |||
| Kivinen, "Internet Key Exchange Protocol Version 2 | Kivinen, "Internet Key Exchange Protocol Version 2 | |||
| (IKEv2)", STD 79, RFC 7296, DOI 10.17487/RFC7296, October | (IKEv2)", STD 79, RFC 7296, DOI 10.17487/RFC7296, October | |||
| End of changes. 6 change blocks. | ||||
| 12 lines changed or deleted | 14 lines changed or added | |||
This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||