Using the Elliptic Curve Cryptography (ECC) Brainpool Curves for the Internet Key Exchange Protocol Version 2 (IKEv2)
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org>
To: IETF-Announce <email@example.com>
Cc: RFC Editor <firstname.lastname@example.org>
Subject: Document Action: 'Using the ECC Brainpool Curves for IKEv2 Key Exchange' to Informational RFC (draft-merkle-ikev2-ke-brainpool-04.txt)

The IESG has approved the following document:
- 'Using the ECC Brainpool Curves for IKEv2 Key Exchange' (draft-merkle-ikev2-ke-brainpool-04.txt) as Informational RFC

This document has been reviewed in the IETF but is not the product of an IETF Working Group.

The IESG contact person is Sean Turner.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-merkle-ikev2-ke-brainpool/

Technical Summary

This memo specifies the use of new elliptic curves, generated by the ECC Brainpool, for use in version 2 of the Internet Key Exchange. Because version 2 of the Internet Key Exchange was ambiguous about how points on an elliptic curve are encoded in the KE payload and what the shared secret result of an ECDH looked like, this memo also specifies that information when using an ECC Brainpool curve.

Working Group Summary

This memo is not a working group document but it was discussed on the IPsec mailing list. Earlier versions of the memo discussed point compression when encoding a point on a curve into the KE payload but due to opposition to point compression that was removed. There was also working group discussion on validation of public keys, including ECC public keys. The draft mentions the need to validate a received ECC public key, per working group discussion, and refers to an I-D that specifies such validation.

Document Quality

The elliptic curves have been used in other protocols than IKE. The test vectors in the memo have been verified by the document shepherd.

Personnel

Dan Harkins is the document shepherd. The responsible area director is Sean Turner.