Print this page
5782 ike.config(4) needs additional oakley_group numbers
@@ -1,7 +1,8 @@
'\" te
.\" Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved.
+.\" Copyright (c) 2015, Circonus, Inc. All Rights Reserved.
.\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.
.\" See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the
.\" fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
.TH IKE.CONFIG 4 "Apr 27, 2009"
.SH NAME
@@ -568,36 +569,84 @@
\fBoakley_group \fInumber\fR\fR
.ad
.sp .6
.RS 4n
The Oakley Diffie-Hellman group used for IKE SA key derivation. The group
-numbers are defined in RFC 2409, Appendix A, and RFC 3526. Acceptable values
-are currently:
+numbers are defined in RFC 2409, Appendix A, RFC 3526, and RFC 5114, section
+3.2. Acceptable values are currently:
.br
.in +2
-1 (768-bit)
+1 (MODP 768-bit)
.in -2
.br
.in +2
-2 (1024-bit)
+2 (MODP 1024-bit)
.in -2
.br
.in +2
-5 (1536-bit)
+3 (EC2N 155-bit)
.in -2
.br
.in +2
-14 (2048-bit)
+4 (EC2N 185-bit)
.in -2
.br
.in +2
-15 (3072-bit)
+5 (MODP 1536-bit)
.in -2
.br
.in +2
-16 (4096-bit)
+14 (MODP 2048-bit)
.in -2
+.br
+.in +2
+15 (MODP 3072-bit)
+.in -2
+.br
+.in +2
+16 (MODP 4096-bit)
+.in -2
+.br
+.in +2
+17 (MODP 6144-bit)
+.in -2
+.br
+.in +2
+18 (MODP 8192-bit)
+.in -2
+.br
+.in +2
+19 (ECP 256-bit)
+.in -2
+.br
+.in +2
+20 (ECP 384-bit)
+.in -2
+.br
+.in +2
+21 (ECP 521-bit)
+.in -2
+.br
+.in +2
+22 (MODP 1024-bit, with 160-bit Prime Order Subgroup)
+.in -2
+.br
+.in +2
+23 (MODP 2048-bit, with 224-bit Prime Order Subgroup)
+.in -2
+.br
+.in +2
+24 (MODP 2048-bit, with 256-bit Prime Order Subgroup)
+.in -2
+.br
+.in +2
+25 (ECP 192-bit)
+.in -2
+.br
+.in +2
+26 (ECP 224-bit)
+.in -2
.RE
.sp
.ne 2
.na
@@ -1145,5 +1194,9 @@
.sp
.LP
Kivinen, T. \fIRFC 3526, More Modular Exponential (MODP) Diffie-Hellman Groups
for Internet Key Exchange (IKE)\fR. The Internet Society, Network Working
Group. May 2003.
+.sp
+.LP
+Lepinksi, M. and Kent, S. \fIRFC 5114, Additional Diffie-Hellman Groups for Use
+with IETF Standards\fR. BBN Technologies, January 2008.