Section 3.8 of IKEv2bis (Authentication Payload) makes no mention of ECDSA. Now granted, there is no mention of ECDH in the Transform substructure section either, so perhaps that's why.
Given the recent firestorm on ECDH (4753 and its errata), it begs the question --> does ECDSA have a similar issue with coordinate mismatches? Dan _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec