draft-ietf-ipsecme-eddsa-02.txt   draft-ietf-ipsecme-eddsa-03.txt 
IPSecME Working Group Y. Nir IPSecME Working Group Y. Nir
Internet-Draft Check Point Internet-Draft Check Point
Intended status: Standards Track April 5, 2017 Intended status: Standards Track April 15, 2017
Expires: October 7, 2017 Expires: October 17, 2017
Using Edwards-curve Digital Signature Algorithm (EdDSA) in the Internet Using Edwards-curve Digital Signature Algorithm (EdDSA) in the Internet
Key Exchange (IKEv2) Key Exchange (IKEv2)
draft-ietf-ipsecme-eddsa-02 draft-ietf-ipsecme-eddsa-03
Abstract Abstract
This document describes the use of the Edwards-curve digital This document describes the use of the Edwards-curve digital
signature algorithm in the IKEv2 protocol. signature algorithm in the IKEv2 protocol.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
skipping to change at page 1, line 32 skipping to change at page 1, line 32
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 7, 2017. This Internet-Draft will expire on October 17, 2017.
Copyright Notice Copyright Notice
Copyright (c) 2017 IETF Trust and the persons identified as the Copyright (c) 2017 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 3, line 30 skipping to change at page 3, line 30
NOT be sent to a receiver that has not indicated support for the NOT be sent to a receiver that has not indicated support for the
"Identity" hash. "Identity" hash.
The pre-hashed versions of Ed25519 and Ed448 (Ed25519ph and Ed448ph The pre-hashed versions of Ed25519 and Ed448 (Ed25519ph and Ed448ph
respectively) SHOULD NOT be used in IKE. respectively) SHOULD NOT be used in IKE.
3. Security Considerations 3. Security Considerations
The new "Identity" value is needed only for signature algorithms that The new "Identity" value is needed only for signature algorithms that
accept an arbitrary-sized input. It MUST NOT be used if none of the accept an arbitrary-sized input. It MUST NOT be used if none of the
supported algorithms has this property. On the other hand there is supported and configured algorithms have this property. On the other
no good reason to pre-hash the inputs where the signature algorithm hand there is no good reason to pre-hash the inputs where the
either does not require it or performs a hash internally. For this signature algorithm has that property. For this reason
reason implementations SHOULD have the "Identity" value in the implementations MUST have the "Identity" value in the
SIGNATURE_HASH_ALGORITHMS notification when they support EdDSA. SIGNATURE_HASH_ALGORITHMS notification when EdDSA is supported and
Implementations SHOULD NOT have other hash algorithms in the configured. Implementations SHOULD NOT have other hash algorithms in
notification if all signature algorithms have this property. the notification if all supported and configured signature algorithms
have this property.
4. IANA Considerations 4. IANA Considerations
IANA has assigned the value 5 for the algorithm with the name IANA has assigned the value 5 for the algorithm with the name
"Identity" in the "IKEv2 Hash Algorithms" registry with this draft as "Identity" in the "IKEv2 Hash Algorithms" registry with this draft as
reference. reference.
Upon publication of this document IANA is requested to update the Upon publication of this document IANA is requested to update the
entry with this document as reference. entry with this document as reference.
skipping to change at page 4, line 24 skipping to change at page 4, line 29
[RFC8032] Josefsson, S. and I. Liusvaara, "Edwards-Curve Digital [RFC8032] Josefsson, S. and I. Liusvaara, "Edwards-Curve Digital
Signature Algorithm (EdDSA)", RFC 8032, Signature Algorithm (EdDSA)", RFC 8032,
DOI 10.17487/RFC8032, January 2017, DOI 10.17487/RFC8032, January 2017,
<http://www.rfc-editor.org/info/rfc8032>. <http://www.rfc-editor.org/info/rfc8032>.
[I.D-curdle-pkix] [I.D-curdle-pkix]
Josefsson, S. and J. Schaad, "Algorithm Identifiers for Josefsson, S. and J. Schaad, "Algorithm Identifiers for
Ed25519, Ed25519ph, Ed448, Ed448ph, X25519 and X448 for Ed25519, Ed25519ph, Ed448, Ed448ph, X25519 and X448 for
use in the Internet X.509 Public Key Infrastructure", use in the Internet X.509 Public Key Infrastructure",
November 2016, <https://tools.ietf.org/html/draft-ietf- March 2017, <https://tools.ietf.org/html/draft-ietf-
curdle-pkix-03>. curdle-pkix-04>.
Appendix A. ASN.1 Objects Appendix A. ASN.1 Objects
The normative reference for the ASN.1 objects for Ed25519 and Ed448 The normative reference for the ASN.1 objects for Ed25519 and Ed448
is in [I.D-curdle-pkix]. They are repeated below for convenience. is in [I.D-curdle-pkix]. They are repeated below for convenience.
A.1. ASN.1 Object for Ed25519 A.1. ASN.1 Object for Ed25519
id-Ed25519 OBJECT IDENTIFIER ::= { 1.3.101.112 } id-Ed25519 OBJECT IDENTIFIER ::= { 1.3.101.112 }
 End of changes. 5 change blocks. 
13 lines changed or deleted 14 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/