1. Summary
This is a document writeup for draft-ietf-ipsecme-dh-checks-03, prepared by
Paul Hoffman for Sean Turner.
The document corrects a problem found well after RFC 5996 was published.
Implementations that support elliptic curves and DSA, and also reuse private
keys, are vulnerable to some attacks that can be prevented by some simple
checking. This document specifies the circumstances where the attack might
happen and how to prevent them.
This document is appropriate for Standards Track because, if the attack had
been known and understood when RFC 5996 was written, it would certainly have
been part of that document.
2. Review and Consensus
The document was reviewed by enough active developers and
cryptographically-inclined participants to be sufficient for Standards Track.
There is definite consensus to publish.
3. Intellectual Property
Both authors have stated that their direct, personal knowledge of any IPR
related to this document has already been disclosed, in conformance with BCPs
78 and 79. There was no WG discussion about any IPR disclosures regarding this
document.