Martin Thomson <m...@lowentropy.net> writes:

>We implement 7919, which includes an option to only accept server shares from
>the 7919 groups. With that option a simple comparison is used to determine if
>the group is one from the spec, rejecting all else, but we otherwise just
>treat the share as normal.
My code fast-paths known-good primes, for example the RFC 3526 ones, and only
does full checking on unknown ones (that is, it recognises things like the 3526
primes in the hello and uses its built-in values for them). I don't do 7919 for
the same reason that most other implementations don't, although I've been
thinking about adding the 7919 primes to the known-good set.

(A side note about the 3526 values: they've been independently verified outside
of their publication in the RFC. Has anyone done this for the 7919 ones? Not
saying they're suspicious, but it'd be good to get independent verification
that the data values match what's described in the RFC.)

>I'm not aware of anyone seriously using it though,

That's a weird thing about 7919: throughout the draft process lots of people
pointed out, again and again, that it wasn't going to work if published in that
form. So it got published anyway...

Peter.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls