Well, no; step 2 of the check is unnecessary for the standard IKE groups (1, 2, 5, 14-18), and it is extremely expensive as written; and while there are optimizations possible, it's still not cheap.
-----Original Message----- From: Johannes Merkle [mailto:johannes.mer...@secunet.com] Sent: Friday, December 07, 2012 7:20 AM To: Scott Fluhrer (sfluhrer) Cc: Yaron Sheffer; Manfred Lochter; Yoav Nir; Dan Harkins; IPsecme WG; rfc-...@rfc-editor.org; Sean P. Turner Subject: Re: [IPsec] I-D on Using the ECC Brainpool Curves for IKEv2 Key Exchange For MODP groups, we can just refer to RFC 2631, Section 2.1.5 _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
