Additional Diffie-Hellman Groups for Use with IETF Standards

Approval announcement
Draft of message to be sent after approval:

From: The IESG <>
To: IETF-Announce <>
Cc: Internet Architecture Board <>,
    RFC Editor <>
Subject: Document Action: 'Additional Diffie-Hellman Groups for 
         use with IETF Standards' to Informational RFC 

The IESG has approved the following document:

- 'Additional Diffie-Hellman Groups for use with IETF Standards '
   <draft-lepinski-dh-groups-04.txt> as an Informational RFC

This document has been reviewed in the IETF but is not the product of an
IETF Working Group. 

The IESG contact person is Tim Polk.

A URL of this Internet-Draft is:

Technical Summary
This document specifies (eight) Diffie-Hellman groups for use with
security protocols developed by five different IETF WGs (IPsec, PKIX,
S/MIME, SSH, SSL, and TLS).  The specified groups include three
modular exponentiation groups and five elliptic curve groups.  Several
of the Diffie-Hellman groups specified in this draft are already
defined in WG-specific RFCs (e.g., RFC 3526 and RFC 4753) and I-Ds,
but without the test data provided here. The group definitions and
test data are derived from a NIST document that is available only
on the NIST web site as a PDF.  This draft translates the parameter
terminology from the with NIST document into a form consistent with
RFCs that define Diffie-Hellman groups (in protocol-specific contexts),
and removes extraneous test data that would not be relevant to IETF

Working Group Summary
This document was not the product of any working group, but has been
reviewed by experts from several relevant wgs.  Specifically, this
incorporates comments from: Tero Kivinen, the designated
approver of additional Diffie-Hellman groups for IKE; Sean
Turner S/MIME WG co-chair;  and Pasi Eronen (TLS WG co-chair).  Steve
Kent (PKIX co-chair) is a co-author of this document and he ensured
that PKIX concerns were addressed. No input was solicited form the
SSH WG co-chairs, as that protocol provides a trivial means of
accommodating additional (mod p) Diffie-Hellman groups. SSH provides
no means of accommodating Elliptic Curve Diffie-Hellman groups, and
as a result, the document is silent on use of Elliptic Curve
Diffie-Hellman groups with SSH. (There is an expired I-D that
describes how to use Elliptic Curve Diffie-Hellman with SSH. If it
is re-submitted and adopted by the SSH WG, it would be appropriate
to amend this draft to include it as well.)

Protocol Quality
Tim Polk reviewed this specification for the IESG.  Larry Bassham, who
drafted the base NIST document, has also reviewed the specification.