[Ach] DH Groups in VPN section
Aaron Zauner
azet at azet.org
Tue Dec 17 14:25:10 CET 2013
I’ve removed them for now. Since we’d need to discuss which of the SECG curves (i.e. at which security level) we’d be willing to include. Some of those are low security others high.
Aaron
On 17 Dec 2013, at 13:27, L. Aaron Kaplan <kaplan at cert.at> wrote:
>
> On Dec 17, 2013, at 1:22 PM, Aaron Zauner <azet at azet.org> wrote:
>
>> The table now states:
>>
>> Group 14–18, 19–21
>>
>> and
>>
>> Group 14–21
>>
>> This includes (NIST) EC groups. Do we want that in a VPN? Probably not.
>>
>> I’d rather put Group 14, 21 there explicitly. I’ll change that.
>>
>
> I'd say:
>
> Leave them in there but mark them as NIST curves and refer to the section on ECC which discusses the issues with NIST curves.
>
>
>
>> Aaron
>> _______________________________________________
>> Ach mailing list
>> Ach at lists.cert.at
>> http://lists.cert.at/cgi-bin/mailman/listinfo/ach
>
> ---
> // L. Aaron Kaplan <kaplan at cert.at> - T: +43 1 5056416 78
> // CERT Austria - http://www.cert.at/
> // Eine Initiative der nic.at GmbH - http://www.nic.at/
> // Firmenbuchnummer 172568b, LG Salzburg
>
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1091 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cert.at/pipermail/ach/attachments/20131217/8ce8f35f/attachment.sig>
More information about the Ach
mailing list