This is the specific IESG comment: HIP defines the usage of RSA in signing and encrypting data. Current recommendations propose usage of, for example, RSA OAEP/PSS for these operations in new protocols. Changing the algorithms to more current best practice should be considered.
RFC 4055 defines RSASSA-PSS and RSAES-OAEP keys. Were these ever discussed/considered as HIP key formats? This might be addressed by defining these as new algorithms in 5201-bis. If someone with expertise on this topic could clarify what is needed to address this comment, or could provide a pointer to how other IETF standards have addressed this, I would appreciate it. Otherwise, I will try to sketch out a proposed solution. - Tom _______________________________________________ Hipsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/hipsec
