[PATCH 42/43] Introduce negotiation for Diffie--Hellman groups.

[Mark Wooding]

Ian Jackson <ijackson at chiark.greenend.org.uk> writes:

> Existing secnets do not understand the high cap bits as transforms
> because: only bits 0-7 are reserved for the user; the user should not
> use other bits.  Only bits 8-15 are known transforms.  So there cannot
> be any known transforms in the other bits.
>
> CAPAB_EXPLICIT_TRANSFORM_DH should be bit 15, not bit 31, so that
> current secnets see that we are explicitly advertising all of our
> transforms, even if none of our actual supported transforms are bits
> 0..14.

Ahh, yes.  I see.  Yes, that was a foolish error on my part.

> Ie, I think my previously discussed scheme was better.

You're right, of course.  I was working with the assumption that
CAPAB_EARLY was intended to be constant, which led me to believe that
there needed to be a separate space of early cap bits for both the
implementation and users.  The EXPLICIT bit needed to be early,
certainly, and it seemed reasonable to put the early bits at one end of
the bitfield.  Since the low end was taken, I put them in the top end.

But I can fix that easily enough.  Thanks for your patience with my
folly.

-- [mdw]