Skip to main content

IKE and IKEv2 Authentication Using the Elliptic Curve Digital Signature Algorithm (ECDSA)
draft-ietf-ipsec-ike-auth-ecdsa-06

Revision differences

Document history

Date Rev. By Action
2015-10-14
06 (System) Notify list changed from defu@orion.ncsc.mil, jasolin@orion.ncsc.mil to (None)
2011-01-13
(System)
Posted related IPR disclosure: Certicom's Statement of IPR Related to RFC 4492, RFC 5289, RFC 5430, RFC 4754, RFC 4869, …
Posted related IPR disclosure: Certicom's Statement of IPR Related to RFC 4492, RFC 5289, RFC 5430, RFC 4754, RFC 4869, RFC 4109, RFC 5656, RFC 3278, RFC 5753, RFC 5754, RFC 5008, draft-igoe-secsh-suiteb-02
2009-05-27
(System)
2009-05-18
(System)
2008-10-30
(System)
Posted related IPR disclosure: Certicom's Statement about IPR related to RFC 4346, RFC 5246, RFC 5289, RFC 4492, RFC 2409, …
Posted related IPR disclosure: Certicom's Statement about IPR related to RFC 4346, RFC 5246, RFC 5289, RFC 4492, RFC 2409, RFC 4306, RFC 4754, RFC 4753, RFC 4869, RFC 4253, RFC 2633, RFC 3278, RFC 4347, RFC 4366, RFC 4109, RFC 4252, RFC 3850, RFC 3851, RFC 5008, draft-ietf-tls-rfc43...
2007-01-24
06 Amy Vezza State Changes to RFC Published from RFC Ed Queue by Amy Vezza
2007-01-24
06 Amy Vezza [Note]: 'RFC 4753' added by Amy Vezza
2007-01-18
06 (System) RFC published
2006-11-08
06 (System) Request for Early review by SECDIR Completed. Reviewer: Jeffrey Hutzelman.
2006-11-08
06 (System) IANA Action state changed to Waiting on RFC Editor from In Progress
2006-10-27
06 (System) IANA Action state changed to In Progress from Waiting on RFC Editor
2006-10-25
06 (System) IANA Action state changed to Waiting on RFC Editor from RFC-Ed-Ack
2006-10-23
06 (System) IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor
2006-10-15
06 (System) IANA Action state changed to Waiting on RFC Editor from In Progress
2006-10-14
06 (System) IANA Action state changed to In Progress from Waiting on Authors
2006-10-06
(System) Posted related IPR disclosure: Certicom's Statement about IPR claimed in RFC 3446, RFC 2409, draft-ietf-tls-ecc-12, draft-ietf-ipsec-ike-auth-ecdsa-05, and draft-ietf-ipsec-ecp-groups-02
2006-10-03
06 (System) IANA Action state changed to Waiting on Authors from In Progress
2006-09-24
06 (System) IANA Action state changed to In Progress from Waiting on RFC Editor
2006-08-08
06 Amy Vezza State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza
2006-08-07
06 Amy Vezza IESG state changed to Approved-announcement sent
2006-08-07
06 Amy Vezza IESG has approved the document
2006-08-07
06 Amy Vezza Closed "Approve" ballot
2006-08-04
06 Amy Vezza State Changes to Approved-announcement to be sent from IESG Evaluation by Amy Vezza
2006-08-04
06 (System) Removed from agenda for telechat - 2006-08-03
2006-07-28
06 Russ Housley
[Note]: 'An updated draft was submitted since this was on the agenda.  It contains several minor corrections; the biggest is to assign values for IKEv2 …
[Note]: 'An updated draft was submitted since this was on the agenda.  It contains several minor corrections; the biggest is to assign values for IKEv2 as well as IKE.' added by Russ Housley
2006-07-22
06 Russ Housley
[Note]: 'Draft-ietf-ipsec-ike-auth-ecdsa-06.txt in now available.  It contains several minor corrections; the biggest is to assign values for IKEv2 as well as IKE.' added by …
[Note]: 'Draft-ietf-ipsec-ike-auth-ecdsa-06.txt in now available.  It contains several minor corrections; the biggest is to assign values for IKEv2 as well as IKE.' added by Russ Housley
2006-07-22
06 Russ Housley Placed on agenda for telechat - 2006-08-03 by Russ Housley
2006-07-22
06 Russ Housley State Changes to IESG Evaluation from Waiting for AD Go-Ahead by Russ Housley
2006-07-22
06 Russ Housley [Note]: 'Draft-ietf-ipsec-ike-auth-ecdsa-06.txt in now available.  It contains several minor corrections.' added by Russ Housley
2006-07-20
06 (System) State has been changed to Waiting for AD Go-Ahead from In Last Call by system
2006-07-19
06 Amy Vezza Removed from agenda for telechat - 2006-07-20 by Amy Vezza
2006-07-19
06 Amy Vezza [Note]: 'Draft-ietf-ipsec-ike-auth-ecdsa-06.txt in now available.  It contains several minor corrections.' added by Amy Vezza
2006-07-19
06 Russ Housley Placed on agenda for telechat - 2006-07-20 by Russ Housley
2006-07-19
06 Russ Housley [Note]: 'Draft-ietf-ipsec-ike-auth-ecdsa-06.txt in now available.  It contains several minor corrections.' added by Russ Housley
2006-07-18
06 (System) New version available: draft-ietf-ipsec-ike-auth-ecdsa-06.txt
2006-07-17
06 Russ Housley [Note]: 'Authors have submitted draft-ietf-ipsec-ike-auth-ecdsa-06.txt.  It contains several minor corrections.' added by Russ Housley
2006-07-06
06 Amy Vezza
[Note]: 'There were no objections to approving this document at the 7/06/2006 IESG Teleconference.  It will go into "Approved" when it finishes Last Call.' added …
[Note]: 'There were no objections to approving this document at the 7/06/2006 IESG Teleconference.  It will go into "Approved" when it finishes Last Call.' added by Amy Vezza
2006-07-05
06 Ross Callon [Ballot Position Update] New position, No Objection, has been recorded for Ross Callon by Ross Callon
2006-06-22
06 Amy Vezza Last call sent
2006-06-22
06 Amy Vezza State Changes to In Last Call from Last Call Requested by Amy Vezza
2006-06-22
06 Lisa Dusseault [Ballot Position Update] New position, No Objection, has been recorded for Lisa Dusseault by Lisa Dusseault
2006-06-22
06 Russ Housley Telechat date was changed to 2006-07-06 from 2006-06-22 by Russ Housley
2006-06-22
06 Russ Housley Last Call was requested by Russ Housley
2006-06-22
06 Russ Housley State Changes to Last Call Requested from IESG Evaluation - Defer by Russ Housley
2006-06-22
06 Russ Housley State Changes to IESG Evaluation - Defer from IESG Evaluation by Russ Housley
2006-06-22
06 Bill Fenner [Ballot comment]
Note: the reference to draft-ietf-ipsec-ike-ecp-groups is a downref.
2006-06-22
06 Bill Fenner [Ballot Position Update] New position, No Objection, has been recorded for Bill Fenner by Bill Fenner
2006-06-22
06 Jari Arkko [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko by Jari Arkko
2006-06-22
06 Jon Peterson [Ballot Position Update] New position, No Objection, has been recorded for Jon Peterson by Jon Peterson
2006-06-21
06 David Kessens [Ballot Position Update] New position, No Objection, has been recorded for David Kessens by David Kessens
2006-06-21
06 Dan Romascanu [Ballot Position Update] New position, No Objection, has been recorded for Dan Romascanu by Dan Romascanu
2006-06-21
06 Magnus Westerlund [Ballot Position Update] New position, No Objection, has been recorded for Magnus Westerlund by Magnus Westerlund
2006-06-21
06 Mark Townsley [Ballot Position Update] New position, No Objection, has been recorded for Mark Townsley by Mark Townsley
2006-06-21
06 Lars Eggert [Ballot Position Update] Position for Lars Eggert has been changed to No Objection from Undefined by Lars Eggert
2006-06-21
06 Lars Eggert [Ballot comment]
Has significant idnits.
2006-06-21
06 Lars Eggert [Ballot Position Update] New position, Undefined, has been recorded for Lars Eggert by Lars Eggert
2006-06-21
06 Cullen Jennings [Ballot Position Update] New position, No Objection, has been recorded for Cullen Jennings by Cullen Jennings
2006-06-20
06 Sam Hartman [Ballot Position Update] New position, No Objection, has been recorded for Sam Hartman by Sam Hartman
2006-06-19
06 Ted Hardie [Ballot Position Update] New position, No Objection, has been recorded for Ted Hardie by Ted Hardie
2006-06-19
06 Brian Carpenter
[Ballot comment]
Nits from Gen-ART review by Gonzalo Camarillo:

The boilerplates should be updated to be compliant with current IETF policies.

Acronyms in the title …
[Ballot comment]
Nits from Gen-ART review by Gonzalo Camarillo:

The boilerplates should be updated to be compliant with current IETF policies.

Acronyms in the title of the draft should be expanded.

In section 3, the draft says: The document defines the following... the phrase would be clearer if it said instead: *This* document defines...

The second paragraph of page 4 refers the IANA registry by giving a pointer to a reference ([IANA]). The reference [IANA] points to the registry using its URI. IANA registries should not be referenced by their URIs; they should be referenced by their names. In this case, "The IANA Registry for IPSEC Authentication Methods". This should be changed in both Sections 3 and 5.

The Security Considerations and IANA Considerations Sections are typically the last sections before the References and the Authors' Addresses. This draft has a section (Section 6) after the IANA Considerations section. I suggest that that section is converted into an appendix or moved before the Security Considerations Section.

Nits from Last Call review by Elwyn Davies:

s1, para 2 contains the assertion 'For any given level of security against the best attacks known, ECDSA signatures are smaller than RSA signatures and ECDSA keys require less bandwidth than DSA keys; there are also advantages of computational speed and efficiency in many settings.'  If the reference [LV] backs up this assertion it would be good to reference it here also.  If not it would be good to have some other reference that justifies this assertion.

(actually editorial+): s5: It would be useful to give the three methods mnemonic names which can be placed in the IANA registry and document them in s5.


s1: Acronyms IPsec, RSA and DSA need expansion.

s3: Acronym MAC needs expansion.

s3, table: To avoid confusion with references, the code points (e.g., [19]) currently enclosed in square brackets would be better in round brackets.

s6: It might be helpful to explicitly bracket y^2 = x^3 - 3 x + b  modulo p  - I think this is supposed to be y^2 = (x^3 - 3 x + b)  modulo p

s7.1: BTW IKEv2 has made it to RFC - RFC4306.
2006-06-19
06 Brian Carpenter [Ballot Position Update] New position, No Objection, has been recorded for Brian Carpenter by Brian Carpenter
2006-06-13
06 Russ Housley Placed on agenda for telechat - 2006-06-22 by Russ Housley
2006-06-13
06 Russ Housley State Changes to IESG Evaluation from Waiting for AD Go-Ahead by Russ Housley
2006-06-13
06 Russ Housley [Ballot Position Update] New position, Yes, has been recorded for Russ Housley
2006-06-13
06 Russ Housley Ballot has been issued by Russ Housley
2006-06-13
06 Russ Housley Created "Approve" ballot
2006-05-03
06 (System) State has been changed to Waiting for AD Go-Ahead from In Last Call by system
2006-05-02
06 Yoshiko Fong
IANA comments

Upon approval of this document the IANA will assign the following 3 new
authentication algorithms:


          Digital      …
IANA comments

Upon approval of this document the IANA will assign the following 3 new
authentication algorithms:


          Digital        Diffie-
IANA    Signature  Hellman            Hash
Value  Algorithm  Group              Function
----- --------- ------------ -------------
9          ECDSA        P-256 [19]      SHA-256 [4]
10        ECDSA        P-384 [20]      SHA-384 [5]
11        ECDSA        P-521 [21]      SHA-512 [6]


These registrations will take place at the following location:
http://www.iana.org/assignments/ipsec-registry

It is not clear in which registry at the above location these
registrations will go in. Further clarification is needed.
2006-04-09
06 (System) IANA Action state changed to In Progress
2006-04-05
06 Amy Vezza State Changes to In Last Call from Last Call Requested by Amy Vezza
2006-04-05
06 Russ Housley Last Call was requested by Russ Housley
2006-04-05
06 Russ Housley State Changes to Last Call Requested from Waiting for AD Go-Ahead::Revised ID Needed by Russ Housley
2006-03-07
06 Russ Housley State Changes to Waiting for AD Go-Ahead::Revised ID Needed from Waiting for Writeup by Russ Housley
2006-03-07
06 Russ Housley State Change Notice email list have been change to defu@orion.ncsc.mil, jasolin@orion.ncsc.mil from jsolinas@orion.ncsc.mil, defu@orion.ncsc.mil
2006-03-06
06 (System) State has been changed to Waiting for Writeup from In Last Call by system
2006-02-06
06 Amy Vezza State Changes to In Last Call from Last Call Requested by Amy Vezza
2006-02-06
06 Russ Housley State Changes to Last Call Requested from AD Evaluation by Russ Housley
2006-02-06
06 Russ Housley Last Call was requested by Russ Housley
2006-02-06
06 (System) Ballot writeup text was added
2006-02-06
06 (System) Last call text was added
2006-02-06
06 (System) Ballot approval text was added
2006-02-06
06 Russ Housley State Changes to AD Evaluation from Publication Requested by Russ Housley
2006-02-06
06 Russ Housley Intended Status has been changed to Proposed Standard from Informational
2006-02-01
(System)
Posted related IPR disclosure: Certicom's Statement about IPR Claimed in RFC 3446, RFC 2409, draft-ietf-tls-ecc-12, draft-ietf-ipsec-ike-auth-ecdsa-05, and draft-ietf-ipsec-ike-ecp-groups-02 and other IETF …
Posted related IPR disclosure: Certicom's Statement about IPR Claimed in RFC 3446, RFC 2409, draft-ietf-tls-ecc-12, draft-ietf-ipsec-ike-auth-ecdsa-05, and draft-ietf-ipsec-ike-ecp-groups-02 and other IETF specifications using ECC technology
2006-01-30
06 Russ Housley Draft Added by Russ Housley in state Publication Requested
2005-10-20
05 (System) New version available: draft-ietf-ipsec-ike-auth-ecdsa-05.txt
2005-05-31
04 (System) New version available: draft-ietf-ipsec-ike-auth-ecdsa-04.txt
2005-04-21
03 (System) New version available: draft-ietf-ipsec-ike-auth-ecdsa-03.txt
2001-03-30
02 (System) New version available: draft-ietf-ipsec-ike-auth-ecdsa-02.txt
2000-11-06
01 (System) New version available: draft-ietf-ipsec-ike-auth-ecdsa-01.txt
2000-03-09
00 (System) New version available: draft-ietf-ipsec-ike-auth-ecdsa-00.txt