| Main Archive Page > Month Archives > ipsec archives |
Re: [IPsec] Using DSA with IKEv2
From: Paul Hoffman <paul.hoffman_at_nospam>Date: Tue Sep 14 2010 - 23:36:35 GMT
To: êÓÏýÌ ÑÓÌ—ÂÌÍÓ <DXDragon@yandex.ru>, ipsec@ietf.org
Ah, the sadness that is DSA in IKE.
At 2:30 AM +0400 9/15/10, êÓÏýÌ ÑÓÌ—ÂÌÍÓ wrote:
>Greetings,
>
>This is what RFC 5996 has to say about DSA:
>
>>(3.8. Authentication Payload)
>>...
>> DSS Digital Signature 3
>> Computed as specified in Section 2.15 using a DSS private key
>> (see [DSS]) over a SHA-1 hash.
>
>I have several questions about this.
>
>1) DSS is the standard, which approves three digital signature schemes.
>Since the use of two of them (RSA and ECDSA) with IKEv2 is specified
>elsewhere, I'm presuming that the first two occurances of "DSS" above
>actually mean "DSA". Is this correct?
Correct.
>2) DSS only specifies the conceptual form of the signature (two numbers r
>and s), and doesn't define an octet-sequence representation. Neither does
>RFC 5996. So what representation is to be used?
This was simply copied from RFC 4306, which pretty much copied it from RFC 2409.
>3) Why is SHA-1 used here, instead of the SHA corresponding to the key
>length?
Because that is what RFC 2409 said.
None of this is a good justification for why we don't have a better definition for DSA certificate use in IKEv2, just a description of how we got here.
--Paul Hoffman, Director
--VPN Consortium
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec