On Thu 2019-02-21 00:16:54 +, Peter Gutmann wrote:
> (A side-note about the 3526 values, they've been independently verified
> outside of their publication in the RFC, has anyone done this for the 7919
> ones? Not saying they're suspicious, but it'd be good to get independent
> verification t
Martin Thomson writes:
>We implement 7919, which includes an option to only accept server shares from
>the 7919 groups. With that option a simple comparison is used to determine if
>the group is one from the spec, rejecting all else, but we otherwise just
>treat the share as normal.
My code fa
What David said.
We implement 7919, which includes an option to only accept server shares from
the 7919 groups. With that option a simple comparison is used to determine if
the group is one from the spec, rejecting all else, but we otherwise just treat
the share as normal. I'm not aware of an
It is some evidence, but the server may have been configured with that
group anyway. Regardless, the specification doesn't say anything, so I
think the only reasonable interpretation is the existing TLS 1.2 mechanism,
sadly.
On Wed, Feb 20, 2019 at 12:48 PM Andrey Jivsov wrote:
> Why isn't the
>
Why isn't the
"The server indicates
the choice of group to the client by sending the group's parameters
as usual in the ServerKeyExchange"
https://tools.ietf.org/html/rfc7919#section-4
evidence that the server supports RFC 7919?
On 2/20/19 10:29 AM, David Benjamin wrote:
> (We haven't actuall
(We haven't actually implemented RFC 7919 and have no plans to, so I'm just
going by the document.)
RFC 7919 doesn't say anything, so I think the only reasonable
interpretation is to continue with the legacy option for TLS 1.2 and below.
It's also the only interoperable option given how the docume
Greetings.
It's unclear to me how the shared secret g^xy is calculated for groups
in https://tools.ietf.org/html/rfc7919 .
If you recall, TLS 1.1 uses the method in
https://tools.ietf.org/html/rfc4346#section-8.1.2 , causing some
interoperability problems that are hard to fix.
The RFC 7919
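The two questions in this thread, whether a ServerKeyExchange share can be checked against the RFC 7919 group list by simple comparison, and how the shared secret Z is turned into the premaster secret, are shown below in an added example that is not code from the thread or from any implementation discussed in it. The group is a constructed toy safe prime (p = 2039, q = 1019, g = 2, with p ≡ 7 mod 8 so that g = 2 has order q, mirroring the shape of the RFC 7919 groups); its name, the private exponents and the function names are all assumptions made for the example. The premaster encoding follows the RFC 4346 / RFC 5246 section 8.1.2 rule that leading zero bytes of Z are stripped; the fixed-width alternative is the encoding TLS 1.3 uses.

```python
# Added example (not from the thread). Models the checks a TLS 1.2 client can
# apply to a DH share when it only accepts RFC 7919 groups, then shows the
# premaster-secret encoding question raised above. The group is a CONSTRUCTED
# toy safe prime; a real table would carry the RFC 7919 appendix primes.

# Constructed stand-in for the RFC 7919 group table: name -> (p, g).
# p = 2q + 1 with q = 1019; p ≡ 7 (mod 8), so 2 is a quadratic residue and
# generates the subgroup of prime order q, as g = 2 does in the RFC groups.
KNOWN_GROUPS = {
    "toy_ffdhe11": (2039, 2),
}


def byte_length(n):
    """Number of bytes needed to encode n in big-endian form."""
    return (n.bit_length() + 7) // 8


def identify_group(p, g):
    """The 'simple comparison' check: the name of the known group whose (p, g)
    matches the server's parameters exactly, or None to reject the share."""
    for name, (known_p, known_g) in KNOWN_GROUPS.items():
        if (p, g) == (known_p, known_g):
            return name
    return None


def validate_public_share(y, p, q):
    """Range check 1 < y < p-1 on the peer's share, plus the stronger subgroup
    check y^q ≡ 1 (mod p), which rejects elements outside the order-q subgroup
    (for a safe prime, the quadratic non-residues and the two-element subgroup)."""
    if not 1 < y < p - 1:
        return False
    return pow(y, q, p) == 1


def shared_secret(peer_y, own_x, p):
    """Z = peer_y^own_x mod p."""
    return pow(peer_y, own_x, p)


def premaster_tls12(z, p):
    """RFC 4346 / RFC 5246 section 8.1.2: Z as big-endian bytes with all leading
    zero bytes stripped. The length therefore depends on the secret value."""
    return z.to_bytes(byte_length(p), "big").lstrip(b"\x00")


def premaster_fixed(z, p):
    """Fixed-width alternative (what TLS 1.3 does): Z left-padded with zeros to
    the byte length of p, so the length never depends on the secret."""
    return z.to_bytes(byte_length(p), "big")


def demo():
    """One exchange over the toy group, returning Z and both encodings."""
    p, g = KNOWN_GROUPS["toy_ffdhe11"]
    q = (p - 1) // 2
    # Constructed private exponents chosen so that x*y ≡ 1 (mod q), giving
    # Z = g = 2: small enough to have a leading zero byte in the 2-byte
    # fixed-width encoding, which is exactly the case where the two rules differ.
    x_client, x_server = 3, 340
    y_client = pow(g, x_client, p)
    y_server = pow(g, x_server, p)
    # Client-side processing of the server's parameters and share.
    if identify_group(p, g) is None or not validate_public_share(y_server, p, q):
        raise ValueError("server share rejected")
    z_client = shared_secret(y_server, x_client, p)
    z_server = shared_secret(y_client, x_server, p)
    if z_client != z_server:
        raise ValueError("shared secrets disagree")
    return {
        "z": z_client,
        "tls12_stripped": premaster_tls12(z_client, p),
        "fixed_width": premaster_fixed(z_client, p),
    }


if __name__ == "__main__":
    print(demo())
```

Running `demo()` yields Z = 2, encoded as `b'\x02'` under the stripping rule and `b'\x00\x02'` under the fixed-width rule. A peer that strips and a peer that pads derive different premaster secrets from the same Z, so the handshake fails only for the fraction of exchanges whose Z happens to start with a zero byte, which is why the interoperability problems are intermittent and hard to track down. The group comparison and share validation run before Z is computed, so a server that sends a parameter set not in the table is rejected regardless of which encoding it would have used.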