[PATCH 42/43] Introduce negotiation for Diffie--Hellman groups.
Ian Jackson
ijackson at chiark.greenend.org.uk
Sun Apr 30 23:59:50 BST 2017
Mark Wooding writes ("Re: [PATCH 42/43] Introduce negotiation for Diffie--Hellman groups."):
> You're right, of course. I was working with the assumption that
> CAPAB_EARLY was intended to be constant, which led me to believe that
> there needed to be a separate space of early cap bits for both the
> implementation and users. The EXPLICIT bit needed to be early,
> certainly, and it seemed reasonable to put the early bits at one end of
> the bitfield. Since the low end was taken, I put them in the top end.
EXPLICIT does not need to be early. The new dh bits (apart from the
trad Zp one) need to be early. EXPLICIT should not be early, so that
a new secnet can be configured to be compatible with ones that predate
the capability machinery (by telling it not to advertise new dh
groups).
Ian.
More information about the sgo-software-discuss
mailing list