Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cfrg-spake2plus-08> for your review
Lynne Bartholomew <lbartholomew@amsl.com> Tue, 11 April 2023 19:47 UTC
Return-Path: <lbartholomew@amsl.com>
X-Original-To: auth48archive@ietfa.amsl.com
Delivered-To: auth48archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A222CC169525; Tue, 11 Apr 2023 12:47:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.198
X-Spam-Level:
X-Spam-Status: No, score=-4.198 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uw1He2Rm3qBJ; Tue, 11 Apr 2023 12:47:39 -0700 (PDT)
Received: from c8a.amsl.com (c8a.amsl.com [4.31.198.40]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E465DC13739D; Tue, 11 Apr 2023 12:47:39 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by c8a.amsl.com (Postfix) with ESMTP id C73164259777; Tue, 11 Apr 2023 12:47:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from c8a.amsl.com ([127.0.0.1]) by localhost (c8a.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hD62UHTiGYA5; Tue, 11 Apr 2023 12:47:39 -0700 (PDT)
Received: from smtpclient.apple (unknown [IPv6:2601:646:8b00:2810:bc3f:7047:cae9:329e]) by c8a.amsl.com (Postfix) with ESMTPSA id 9A7934259772; Tue, 11 Apr 2023 12:47:39 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.200.110.1.12\))
From: Lynne Bartholomew <lbartholomew@amsl.com>
In-Reply-To: <B0E02606-C657-448D-B3BB-116B9190F1E8@heapingbits.net>
Date: Tue, 11 Apr 2023 12:47:29 -0700
Cc: Tim Taubert <ttaubert=40apple.com@dmarc.ietf.org>, "rfc-editor@rfc-editor.org" <rfc-editor@rfc-editor.org>, "Independent Submissions Editor (Eliot Lear)" <rfc-ise@rfc-editor.org>, auth48archive@rfc-editor.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <2102FCCA-C649-4227-9754-20F191E5139E@amsl.com>
References: <1066E889-97DA-4FE8-BED5-D632FF768C3D@amsl.com> <B0E02606-C657-448D-B3BB-116B9190F1E8@heapingbits.net>
To: Christopher Wood <caw@heapingbits.net>
X-Mailer: Apple Mail (2.3731.200.110.1.12)
Archived-At: <https://mailarchive.ietf.org/arch/msg/auth48archive/ZH3SF0nuMgs22vKNorp0eTjZG-g>
Subject: Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cfrg-spake2plus-08> for your review
X-BeenThere: auth48archive@rfc-editor.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Archiving AUTH48 exchanges between the RFC Production Center, the authors, and other related parties" <auth48archive.rfc-editor.org>
List-Unsubscribe: <https://mailman.rfc-editor.org/mailman/options/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/auth48archive/>
List-Post: <mailto:auth48archive@rfc-editor.org>
List-Help: <mailto:auth48archive-request@rfc-editor.org?subject=help>
List-Subscribe: <https://mailman.rfc-editor.org/mailman/listinfo/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Apr 2023 19:47:44 -0000
Hi, Chris. We've noted your approval: https://www.rfc-editor.org/auth48/rfc9383 Thank you! RFC Editor/lb > On Apr 11, 2023, at 9:32 AM, Christopher Wood <caw@heapingbits.net> wrote: > > Thanks, all, for your work on this document. I approve publication with the changes in Tim’s PR. > > Best, > Chris > >> On Apr 11, 2023, at 11:49 AM, Lynne Bartholomew <lbartholomew@amsl.com> wrote: >> >> Hi, Tim. >> >> We have changed "intermediate" to "input" (for IKM) per your note below. Thank you for pointing it out! >> >> We have also left "(setup protocol)" as is in the trace diagram, per this note on <https://github.com/chris-wood/draft-bar-cfrg-spake2plus/pull/35>: 'I think we should leave this as "setup protocol". It describes a phase of the protocol, not an action.' >> >> The latest files are posted here: >> >> https://www.rfc-editor.org/authors/rfc9383.txt >> https://www.rfc-editor.org/authors/rfc9383.pdf >> https://www.rfc-editor.org/authors/rfc9383.html >> https://www.rfc-editor.org/authors/rfc9383.xml >> https://www.rfc-editor.org/authors/rfc9383-diff.html >> https://www.rfc-editor.org/authors/rfc9383-rfcdiff.html >> https://www.rfc-editor.org/authors/rfc9383-auth48diff.html >> https://www.rfc-editor.org/authors/rfc9383-lastdiff.html >> https://www.rfc-editor.org/authors/rfc9383-lastrfcdiff.html >> >> https://www.rfc-editor.org/authors/rfc9383-xmldiff1.html >> https://www.rfc-editor.org/authors/rfc9383-xmldiff2.html >> >> We have noted your approval on the AUTH48 status page: >> >> https://www.rfc-editor.org/auth48/rfc9383 >> >> Thanks again for your help and attentiveness to this document! >> >> RFC Editor/lb >> >> >>> On Apr 11, 2023, at 5:16 AM, Tim Taubert <ttaubert=40apple.com@dmarc.ietf.org> wrote: >>> >>> Alice, >>> >>> Thank you for updating the draft files once more! >>> >>>>> On Apr 7, 2023, at 20:48, Alice Russo <arusso@amsl.com> wrote: >>>> >>>> Tim, >>>> >>>> Thanks for your reply. Updated Section 1 accordingly (minus the word 'area' which I had mistakenly added in my email). The revised files are here (please refresh): >>>> https://www.rfc-editor.org/authors/rfc9383.html >>>> https://www.rfc-editor.org/authors/rfc9383.txt >>>> https://www.rfc-editor.org/authors/rfc9383.pdf >>>> https://www.rfc-editor.org/authors/rfc9383.xml >>>> >>>> This diff file shows all changes from the approved I-D: >>>> https://www.rfc-editor.org/authors/rfc9383-diff.html >>>> https://www.rfc-editor.org/authors/rfc9383-rfcdiff.html (side by side) >>>> >>>> This diff file shows the changes made during AUTH48 thus far: >>>> https://www.rfc-editor.org/authors/rfc9383-auth48diff.html >>>> >>>> This diff file shows only the changes since the last posted version: >>>> https://www.rfc-editor.org/authors/rfc9383-lastrfcdiff.html (side by side) >>>> >>>> Regarding the items that overlap with 9382: >>>> - Per your note in github: >>>>> I think we should leave this as "setup protocol". It describes a phase of the protocol, not an action. >>>> no change to "setup protocol". Will confirm with the authors of 9382. >>>> - Open item re: IKM's expansion (#9 in https://mailarchive.ietf.org/arch/msg/auth48archive/UhnTFML-8Ns1LXCAaavjZS04-5o/) >>>> >>> >>> The PR changes “intermediate” to “input”. I missed pointing that out, sorry. I agree that this should be “input key material”. >>> >>> As far as I am concerned, this is the last open item before the RFC can be approved for publication. >>> >>> — Tim >>> >>> >>>> We will wait to hear from you again and from your coauthors >>>> before continuing the publication process. This page shows >>>> the AUTH48 status of your document: >>>> https://www.rfc-editor.org/auth48/rfc9383 >>>> >>>> Thank you. >>>> RFC Editor/ar >>>> >>>>> On Apr 6, 2023, at 10:55 PM, Tim Taubert <ttaubert=40apple.com@dmarc.ietf.org> wrote: >>>>> >>>>> Alice, >>>>> >>>>> Thank you. I have updated the PR with the changes you suggested. >>>>> >>>>>> On Apr 6, 2023, at 22:49, Alice Russo <arusso@amsl.com> wrote: >>>>>> >>>>>> Re: #2 >>>>>> Remains open; please let us know any keywords for this document (beyond those that appear in the title). >>>>>> >>>>> >>>>> The keywords that appear in the title are, I think, sufficient. >>>>> >>>>>> Re: #5 >>>>>> In your provided text, FYI we moved "for example" to the beginning of the sentence for readability. In addition, should it be rephrased as follows to clarify the constraints? >>>>>> >>>>>> Current: >>>>>> For example, a constraint may be physical proximity through a local >>>>>> network or when initiation of the protocol requires a first >>>>>> authentication factor. >>>>>> >>>>>> Perhaps: >>>>>> For example, a constraint may be when physical proximity through a local >>>>>> are network is required or when a first authentication factor is required >>>>>> for initiation of the protocol. >>>>>> >>>>> >>>>> This is a good suggestion. I updated the PR. >>>>> >>>>>> >>>>>> Re: #14 >>>>>> In your provided text, FYI we changed "does" to "do", as the subject is plural (the choice, its parameters, and the distribution). Also, added "the" before "distribution". >>>>>> >>>>>> Current: >>>>>> Since the choice of PBKDF, its >>>>>> parameters for computing w0 and w1, and the distribution of w0 and w1 >>>>>> do not affect interoperability, the PBKDF is not included as part of >>>>>> the ciphersuite. >>>>>> >>>>> >>>>> Updated the PR with this suggestion as well. >>>>> >>>>>> Re: #17 and #18 >>>>>> Thank you for providing the line breaks and indentation for the longer lines. We suggest reviewing that it has been updated as intended. >>>>> >>>>> Reviewed the updates. They look good, thanks! >>>>> >>>>> — Tim >>>>> >>>>> >>>>>> We will wait to hear from you again and from your coauthor >>>>>> before continuing the publication process. This page shows >>>>>> the AUTH48 status of your document: >>>>>> https://www.rfc-editor.org/auth48/rfc9383 >>>>>> >>>>>> Thank you. >>>>>> RFC Editor/ar >>>>>> >>>>>>> On Apr 6, 2023, at 9:03 AM, Tim Taubert <ttaubert=40apple.com@dmarc.ietf.org> wrote: >>>>>>> >>>>>>> Hi all, >>>>>>> >>>>>>> Thanks for the great comments and suggestions! We submitted a new pull request which should address all draft feedback: >>>>>>> >>>>>>> https://github.com/chris-wood/draft-bar-cfrg-spake2plus/pull/35 >>>>>>> >>>>>>> >>>>>>> — Tim >>>>>>> >>>>>>> >>>>>>> >>>>>>>> On 4. Apr 2023, at 07:10, rfc-editor@rfc-editor.org wrote: >>>>>>>> >>>>>>>> Authors, >>>>>>>> >>>>>>>> While reviewing this document during AUTH48, please resolve (as necessary) the following questions, which are also in the XML file. >>>>>>>> >>>>>>>> 1) <!-- [rfced] We updated the document title as follows, to define >>>>>>>> "PAKE". We also added "Protocol" per wording in the Abstract and >>>>>>>> Introduction. Please let us know any objections. >>>>>>>> >>>>>>>> Original: >>>>>>>> SPAKE2+, an Augmented PAKE >>>>>>>> >>>>>>>> Currently: >>>>>>>> SPAKE2+, an Augmented Password-Authenticated Key Exchange (PAKE) >>>>>>>> Protocol --> >>>>>>>> >>>>>>>> >>>>>>>> 2) <!-- [rfced] Please insert any keywords (beyond those that appear in the >>>>>>>> title) for use on <https://www.rfc-editor.org/search>. --> >>>>>>>> >>>>>>>> >>>>>>>> 3) <!-- [rfced] Section 1: Does "other party's" refer to the other >>>>>>>> party or to the party that makes direct use of the password? If >>>>>>>> neither suggestion below is correct, please clarify this text. >>>>>>>> >>>>>>>> Original (the previous sentence is included for context): >>>>>>>> SPAKE2+ >>>>>>>> is an augmented PAKE protocol, as only one party makes direct use of >>>>>>>> the password during the execution of the protocol. The other party >>>>>>>> only needs a record corresponding to the other party's registration >>>>>>>> at the time of the protocol execution instead of the password. >>>>>>>> >>>>>>>> Suggestion A ("other party's" refers to the other party): >>>>>>>> SPAKE2+ >>>>>>>> is an augmented PAKE protocol, as only one party makes direct use of >>>>>>>> the password during the execution of the protocol. The other party >>>>>>>> only needs a record corresponding to its own registration at the >>>>>>>> time of the protocol execution instead of the password. >>>>>>>> >>>>>>>> Suggestion B ("other party's" refers to the party that makes direct >>>>>>>> use of the password): >>>>>>>> SPAKE2+ >>>>>>>> is an augmented PAKE protocol, as only one party makes direct use of >>>>>>>> the password during the execution of the protocol. The other party >>>>>>>> only needs a record corresponding to the first party's registration >>>>>>>> at the time of the protocol execution instead of the password. --> >>>>>>>> >>>>>>>> >>>>>>>> 4) <!-- [rfced] Sections 1 and 3: We found the use of the word "which" in >>>>>>>> these sentences confusing. For example, in the first sentence >>>>>>>> listed below, do balanced PAKEs never benefit from Password Hashing >>>>>>>> Functions to the same extent (in which case a comma before "which" >>>>>>>> would be correct), or do balanced PAKEs sometimes benefit from >>>>>>>> Password Hashing Functions to the same extent (in which case "that" >>>>>>>> would be correct)? In the second sentence, does "which" apply to the >>>>>>>> data or the identities? >>>>>>>> >>>>>>>> If the suggested text is not correct, please provide clarifying text, >>>>>>>> taking into account whether or not the intent is to indicate "all >>>>>>>> cases" or "some cases". >>>>>>>> >>>>>>>> Original: >>>>>>>> The record cannot be used directly to >>>>>>>> successfully run the protocol as a prover, making this protocol more >>>>>>>> robust than balanced PAKEs which don't benefit from Password Hashing >>>>>>>> Functions to the same extent. >>>>>>>> ... >>>>>>>> The parties may share additional data >>>>>>>> (the context) separate from their identities which they may want to >>>>>>>> include in the protocol transcript. >>>>>>>> ... >>>>>>>> One example of additional data >>>>>>>> is a list of supported protocol versions if SPAKE2+ were used in a >>>>>>>> higher-level protocol which negotiates the use of a particular PAKE. >>>>>>>> >>>>>>>> Suggested ("all cases", "all cases", and "some cases"): >>>>>>>> The record cannot be used directly to >>>>>>>> successfully run the protocol as a prover, making this protocol more >>>>>>>> robust than balanced PAKEs, which don't benefit from Password >>>>>>>> Hashing Functions to the same extent. >>>>>>>> ... >>>>>>>> The parties may share additional data >>>>>>>> (the context) separate from their identities, which they may want to >>>>>>>> include in the protocol transcript. >>>>>>>> ... >>>>>>>> One example of additional data >>>>>>>> is a list of supported protocol versions if SPAKE2+ were used in a >>>>>>>> higher-level protocol that negotiates the use of a particular PAKE. --> >>>>>>>> >>>>>>>> >>>>>>>> 5) <!-- [rfced] Section 1: This sentence does not parse. Please >>>>>>>> clarify the meaning of "consist in being in" and "or when". >>>>>>>> >>>>>>>> Original: >>>>>>>> Constraints may consist in being in physical proximity through a >>>>>>>> local network or when initiation of the protocol requires a first >>>>>>>> authentication factor. --> >>>>>>>> >>>>>>>> >>>>>>>> 6) <!-- [rfced] Section 3: "fix a generate P" reads oddly. Should >>>>>>>> some words be added or removed? >>>>>>>> >>>>>>>> Original (the next sentence is included for context): >>>>>>>> We fix a generate P of (large) prime-order subgroup of G. P is >>>>>>>> specified in the document defining the group, and so we do not repeat >>>>>>>> it here. >>>>>>>> >>>>>>>> Possibly ("generated" instead of "generate" and clarifying the >>>>>>>> meaning of "the document"): >>>>>>>> We fix a generated point P of the (large) prime-order subgroup of G. >>>>>>>> P will be specified in the document that defines the group, and so we >>>>>>>> do not repeat it here. --> >>>>>>>> >>>>>>>> >>>>>>>> 7) <!--[rfced] FYI, we asked about "intermediate" in "IKM" in >>>>>>>> RFC-to-be 9382; see question #9 in the mail to the authors of that >>>>>>>> document (https://mailarchive.ietf.org/arch/msg/auth48archive/UhnTFML-8Ns1LXCAaavjZS04-5o/). >>>>>>>> We will check with you before making updates. >>>>>>>> --> >>>>>>>> >>>>>>>> >>>>>>>> 8) <!--[rfced] FYI, we asked about "setup protocol" in RFC-to-be 9382; >>>>>>>> see question #6 in the mail to the authors of that document >>>>>>>> (https://mailarchive.ietf.org/arch/msg/auth48archive/UhnTFML-8Ns1LXCAaavjZS04-5o/). >>>>>>>> We will check with you before making updates. >>>>>>>> --> >>>>>>>> >>>>>>>> >>>>>>>> 9) <!-- [rfced] Please review the "type" attribute of each artwork >>>>>>>> element in the XML file. Should any of the artwork elements be >>>>>>>> tagged as sourcecode? Please see >>>>>>>> <https://www.rfc-editor.org/materials/sourcecode-types.txt>. >>>>>>>> For example, could some artwork be listed as sourcecode with >>>>>>>> type="pseudocode" or - in Section 4 and Appendix C - "test-vectors"? >>>>>>>> --> >>>>>>>> >>>>>>>> >>>>>>>> 10) <!-- [rfced] Sections 3.2 and 3.3: Should "represented as the empty >>>>>>>> octet string" be "represented as an empty octet string"? >>>>>>>> >>>>>>>> Original: >>>>>>>> If an identity is unknown at the time of computing w0s or w1s, its >>>>>>>> length is given as zero and the identity itself is represented as the >>>>>>>> empty octet string. >>>>>>>> ... >>>>>>>> If an identity is absent, its length is given as zero and the >>>>>>>> identity itself is represented as the empty octet string. >>>>>>>> >>>>>>>> Possibly: >>>>>>>> If an identity is unknown at the time of computing w0s or w1s, its >>>>>>>> length is given as zero and the identity itself is represented as an >>>>>>>> empty octet string. >>>>>>>> ... >>>>>>>> If an identity is absent, its length is given as zero and the >>>>>>>> identity itself is represented as an empty octet string. --> >>>>>>>> >>>>>>>> >>>>>>>> 11) <!-- [rfced] Section 3.3: We found the use of "that" in this >>>>>>>> sentence confusing. Are Z and V always shared as common values, >>>>>>>> or only sometimes? >>>>>>>> >>>>>>>> Original: >>>>>>>> Both participants compute Z and V that are now shared as common >>>>>>>> values. >>>>>>>> >>>>>>>> Possibly (Z and V are always shared after both participants compute >>>>>>>> them): >>>>>>>> Both participants compute Z and V; Z and V are then shared as common >>>>>>>> values. --> >>>>>>>> >>>>>>>> >>>>>>>> 12) <!-- [rfced] Section 3.3: To what does "that which" refer in this >>>>>>>> sentence? If the suggested text is not correct, please provide >>>>>>>> clarifying text. >>>>>>>> >>>>>>>> Original: >>>>>>>> Key >>>>>>>> confirmation verification requires recomputation of confirmP or >>>>>>>> confirmV and checking for equality against that which was received. >>>>>>>> >>>>>>>> Suggested: >>>>>>>> Key >>>>>>>> confirmation verification requires recomputation of confirmP or >>>>>>>> confirmV and checking for equality against the data that was >>>>>>>> received. --> >>>>>>>> >>>>>>>> >>>>>>>> 13) <!-- [rfced] Section 3.4: We expanded "AEAD" as "Authenticated >>>>>>>> Encryption with Associated Data". If this is incorrect, please >>>>>>>> provide the correct expansion. >>>>>>>> >>>>>>>> Original: >>>>>>>> For example, applications >>>>>>>> MAY derive one or more AEAD keys and nonces from K_shared for >>>>>>>> subsequent application data encryption. >>>>>>>> >>>>>>>> Currently: >>>>>>>> For example, applications >>>>>>>> MAY derive one or more Authenticated Encryption with Associated Data >>>>>>>> (AEAD) keys and nonces from K_shared for subsequent application data >>>>>>>> encryption. --> >>>>>>>> >>>>>>>> >>>>>>>> 14) <!-- [rfced] Section 4: Does "distributing" refer to w0 and w1, or >>>>>>>> something else? >>>>>>>> >>>>>>>> Original: >>>>>>>> Since the choice of PBKDF and >>>>>>>> its parameters for computing w0 and w1 and distributing does not >>>>>>>> affect interoperability, the PBKDF is not included as part of the >>>>>>>> ciphersuite. >>>>>>>> >>>>>>>> Possibly: >>>>>>>> Since the choice of PBKDF and >>>>>>>> its parameters for computing and distributing w0 and w1 does not >>>>>>>> affect interoperability, the PBKDF is not included as part of the >>>>>>>> ciphersuite. --> >>>>>>>> >>>>>>>> >>>>>>>> 15) <!-- [rfced] Table 1: We do not see "SHA512", "SHA-512", or "512" >>>>>>>> in RFC 5869. Will these citations in this table be clear to readers? >>>>>>>> >>>>>>>> We have the same question for SHA256, and SHA512; we do not see them >>>>>>>> listed in RFC 2104. --> >>>>>>>> >>>>>>>> >>>>>>>> 16) <!-- [rfced] Appendices A.1 and A.2: "behavior consists of" reads >>>>>>>> oddly in these sentences. If the suggested text is not correct, >>>>>>>> please clarify. >>>>>>>> >>>>>>>> Original: >>>>>>>> The Prover's behavior consists of two functions, ProverInit and >>>>>>>> ProverFinish, which are described below. >>>>>>>> ... >>>>>>>> The Verifier's behavior consists of a single function, >>>>>>>> VerifierFinish, which is described below. >>>>>>>> >>>>>>>> Suggested: >>>>>>>> The Prover's process involves two functions, ProverInit and >>>>>>>> ProverFinish, which are described below. >>>>>>>> ... >>>>>>>> The Verifier's process involves a single function, VerifierFinish, >>>>>>>> which is described below. --> >>>>>>>> >>>>>>>> >>>>>>>> 17) <!-- [rfced] Appendix A.3: FYI, due to the line-length limitation, >>>>>>>> we have added a line break as follows. (The subsequent line is >>>>>>>> indented 2 characters; similar indentation is used in RFC 8805.) >>>>>>>> Please let us know if you prefer otherwise. >>>>>>>> >>>>>>>> Original: >>>>>>>> def ComputeTranscript(Context, idProver, idVerifier, shareP, shareV, Z, V, w0): >>>>>>>> >>>>>>>> Current: >>>>>>>> def ComputeTranscript(Context, idProver, idVerifier, shareP, shareV, >>>>>>>> Z, V, w0): >>>>>>>> >>>>>>>> Also, please let us know if you'd like to add a sentence such as >>>>>>>> "Line breaks have been added due to line-length limitations" >>>>>>>> (as used in RFC 7790 and other documents). >>>>>>>> --> >>>>>>>> >>>>>>>> >>>>>>>> 18) <!--[rfced] Appendix A.5: Similar to above, may we add a line break >>>>>>>> (in 2 instances) so that this artwork is not "outdented" into the >>>>>>>> left margin in the text output? To summarize line-length limitations: >>>>>>>> * 72 characters for artwork elements. (Note: in the text output, >>>>>>>> the renderer will "outdent" into the left margin for artwork >>>>>>>> that is over 69 characters.) >>>>>>>> * 69 characters for sourcecode elements. >>>>>>>> >>>>>>>> Original (2 instances): >>>>>>>> TT = ComputeTranscript(Context, idProver, idVerifier, X, Y, Z, V, w0) >>>>>>>> >>>>>>>> Perhaps: >>>>>>>> TT = ComputeTranscript(Context, idProver, idVerifier, X, Y, Z, >>>>>>>> V, w0) >>>>>>>> --> >>>>>>>> >>>>>>>> >>>>>>>> 19) <!-- [rfced] Appendix B: We found "the table below" in this >>>>>>>> sentence confusing, as there isn't a table below this text. >>>>>>>> We find '"1.3.132.0.35 point generation seed (M)" for P-512' >>>>>>>> confusing as well, because we see 1.3.132.0.35 associated with P521 >>>>>>>> ("For P521:") in Section 4. >>>>>>>> >>>>>>>> (We also see 1.3.132.0.35 associated with P521 on >>>>>>>> <http://www.oid-info.com/ >>>>>>>> cgi-bin/display?oid=1.3.132.0.35&action=display> and in RFC 5480.) >>>>>>>> >>>>>>>> May we change "table" to "Python snippet", per the paragraph just >>>>>>>> before the Python snippet? >>>>>>>> Should either P-512 or P521 (but not both) be used to refer to >>>>>>>> 1.3.132.0.35? >>>>>>>> >>>>>>>> Original: >>>>>>>> For each curve in the table below, we construct a string using the >>>>>>>> curve OID from [RFC5480] (as an ASCII string) or its name, combined >>>>>>>> with the needed constant, for instance "1.3.132.0.35 point >>>>>>>> generation seed (M)" for P-512. >>>>>>>> >>>>>>>> Possibly: >>>>>>>> For each curve in the Python snippet below, we construct a string >>>>>>>> using the curve OID from [RFC5480] (as an ASCII string) or its name, >>>>>>>> combined with the needed constant - for instance, "1.3.132.0.35 point >>>>>>>> generation seed (M)" for P521. --> >>>>>>>> >>>>>>>> >>>>>>>> 20) <!--[rfced] Appendix C: FYI, the one large artwork element has been >>>>>>>> separated, as there seems to be 7 vectors. Please let us know if you >>>>>>>> prefer otherwise. >>>>>>>> --> >>>>>>>> >>>>>>>> >>>>>>>> 21) <!-- [rfced] Please review the "Inclusive Language" portion of the >>>>>>>> online Style Guide at <https://www.rfc-editor.org/styleguide/part2/#inclusive_language>, >>>>>>>> and let us know if any changes are needed. >>>>>>>> >>>>>>>> Note that our script did not flag any words in particular, but this >>>>>>>> should still be reviewed as a best practice. --> >>>>>>>> >>>>>>>> >>>>>>>> 22) <!-- [rfced] The following term appears to be used inconsistently in >>>>>>>> this document. Please let us know which form is preferred. >>>>>>>> >>>>>>>> Password Hashing Function / password hash function --> >>>>>>>> >>>>>>>> >>>>>>>> Thank you. >>>>>>>> >>>>>>>> RFC Editor/ar/lb >>>>>>>> >>>>>>>> >>>>>>>> On Apr 3, 2023, rfc-editor@rfc-editor.org wrote: >>>>>>>> >>>>>>>> *****IMPORTANT***** >>>>>>>> >>>>>>>> Updated 2023/04/03 >>>>>>>> >>>>>>>> RFC Author(s): >>>>>>>> -------------- >>>>>>>> >>>>>>>> Instructions for Completing AUTH48 >>>>>>>> >>>>>>>> Your document has now entered AUTH48. Once it has been reviewed and >>>>>>>> approved by you and all coauthors, it will be published as an RFC. >>>>>>>> If an author is no longer available, there are several remedies >>>>>>>> available as listed in the FAQ (https://www.rfc-editor.org/faq/). >>>>>>>> >>>>>>>> You and you coauthors are responsible for engaging other parties >>>>>>>> (e.g., Contributors or Working Group) as necessary before providing >>>>>>>> your approval. >>>>>>>> >>>>>>>> Planning your review >>>>>>>> --------------------- >>>>>>>> >>>>>>>> Please review the following aspects of your document: >>>>>>>> >>>>>>>> * RFC Editor questions >>>>>>>> >>>>>>>> Please review and resolve any questions raised by the RFC Editor >>>>>>>> that have been included in the XML file as comments marked as >>>>>>>> follows: >>>>>>>> >>>>>>>> <!-- [rfced] ... --> >>>>>>>> >>>>>>>> These questions will also be sent in a subsequent email. >>>>>>>> >>>>>>>> * Changes submitted by coauthors >>>>>>>> >>>>>>>> Please ensure that you review any changes submitted by your >>>>>>>> coauthors. We assume that if you do not speak up that you >>>>>>>> agree to changes submitted by your coauthors. >>>>>>>> >>>>>>>> * Content >>>>>>>> >>>>>>>> Please review the full content of the document, as this cannot >>>>>>>> change once the RFC is published. Please pay particular attention to: >>>>>>>> - IANA considerations updates (if applicable) >>>>>>>> - contact information >>>>>>>> - references >>>>>>>> >>>>>>>> * Copyright notices and legends >>>>>>>> >>>>>>>> Please review the copyright notice and legends as defined in >>>>>>>> RFC 5378 and the Trust Legal Provisions >>>>>>>> (TLP – https://trustee.ietf.org/license-info/). >>>>>>>> >>>>>>>> * Semantic markup >>>>>>>> >>>>>>>> Please review the markup in the XML file to ensure that elements of >>>>>>>> content are correctly tagged. For example, ensure that <sourcecode> >>>>>>>> and <artwork> are set correctly. See details at >>>>>>>> <https://authors.ietf.org/rfcxml-vocabulary>. >>>>>>>> >>>>>>>> * Formatted output >>>>>>>> >>>>>>>> Please review the PDF, HTML, and TXT files to ensure that the >>>>>>>> formatted output, as generated from the markup in the XML file, is >>>>>>>> reasonable. Please note that the TXT will have formatting >>>>>>>> limitations compared to the PDF and HTML. >>>>>>>> >>>>>>>> >>>>>>>> Submitting changes >>>>>>>> ------------------ >>>>>>>> >>>>>>>> To submit changes, please reply to this email using ‘REPLY ALL’ as all >>>>>>>> the parties CCed on this message need to see your changes. The parties >>>>>>>> include: >>>>>>>> >>>>>>>> * your coauthors >>>>>>>> >>>>>>>> * rfc-editor@rfc-editor.org (the RPC team) >>>>>>>> >>>>>>>> * other document participants, depending on the stream (e.g., >>>>>>>> IETF Stream participants are your working group chairs, the >>>>>>>> responsible ADs, and the document shepherd). >>>>>>>> >>>>>>>> * auth48archive@rfc-editor.org, which is a new archival mailing list >>>>>>>> to preserve AUTH48 conversations; it is not an active discussion >>>>>>>> list: >>>>>>>> >>>>>>>> * More info: >>>>>>>> https://mailarchive.ietf.org/arch/msg/ietf-announce/yb6lpIGh-4Q9l2USxIAe6P8O4Zc >>>>>>>> >>>>>>>> * The archive itself: >>>>>>>> https://mailarchive.ietf.org/arch/browse/auth48archive/ >>>>>>>> >>>>>>>> * Note: If only absolutely necessary, you may temporarily opt out >>>>>>>> of the archiving of messages (e.g., to discuss a sensitive matter). >>>>>>>> If needed, please add a note at the top of the message that you >>>>>>>> have dropped the address. When the discussion is concluded, >>>>>>>> auth48archive@rfc-editor.org will be re-added to the CC list and >>>>>>>> its addition will be noted at the top of the message. >>>>>>>> >>>>>>>> You may submit your changes in one of two ways: >>>>>>>> >>>>>>>> An update to the provided XML file >>>>>>>> — OR — >>>>>>>> An explicit list of changes in this format >>>>>>>> >>>>>>>> Section # (or indicate Global) >>>>>>>> >>>>>>>> OLD: >>>>>>>> old text >>>>>>>> >>>>>>>> NEW: >>>>>>>> new text >>>>>>>> >>>>>>>> You do not need to reply with both an updated XML file and an explicit >>>>>>>> list of changes, as either form is sufficient. >>>>>>>> >>>>>>>> We will ask a stream manager to review and approve any changes that seem >>>>>>>> beyond editorial in nature, e.g., addition of new text, deletion of text, >>>>>>>> and technical changes. Information about stream managers can be found in >>>>>>>> the FAQ. Editorial changes do not require approval from a stream manager. >>>>>>>> >>>>>>>> >>>>>>>> Approving for publication >>>>>>>> -------------------------- >>>>>>>> >>>>>>>> To approve your RFC for publication, please reply to this email stating >>>>>>>> that you approve this RFC for publication. Please use ‘REPLY ALL’, >>>>>>>> as all the parties CCed on this message need to see your approval. >>>>>>>> >>>>>>>> >>>>>>>> Files >>>>>>>> ----- >>>>>>>> >>>>>>>> The files are available here: >>>>>>>> https://www.rfc-editor.org/authors/rfc9383.xml >>>>>>>> https://www.rfc-editor.org/authors/rfc9383.html >>>>>>>> https://www.rfc-editor.org/authors/rfc9383.pdf >>>>>>>> https://www.rfc-editor.org/authors/rfc9383.txt >>>>>>>> >>>>>>>> Diff file of the text: >>>>>>>> https://www.rfc-editor.org/authors/rfc9383-diff.html >>>>>>>> https://www.rfc-editor.org/authors/rfc9383-rfcdiff.html (side by side) >>>>>>>> >>>>>>>> Diff of the XML: >>>>>>>> https://www.rfc-editor.org/authors/rfc9383-xmldiff1.html >>>>>>>> >>>>>>>> Tracking progress >>>>>>>> ----------------- >>>>>>>> >>>>>>>> The details of the AUTH48 status of your document are here: >>>>>>>> https://www.rfc-editor.org/auth48/rfc9383 >>>>>>>> >>>>>>>> Please let us know if you have any questions. >>>>>>>> >>>>>>>> Thank you for your cooperation, >>>>>>>> >>>>>>>> RFC Editor >>>>>>>> >>>>>>>> -------------------------------------- >>>>>>>> RFC9383 (draft-bar-cfrg-spake2plus-08) >>>>>>>> >>>>>>>> Title : SPAKE2+, an Augmented PAKE >>>>>>>> Author(s) : T. Taubert, C.A. Wood >>>>>>> >>>>>> >>>>>> >>>>> >>>> >>> >> >
- [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cfrg-s… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Tim Taubert
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Alice Russo
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Tim Taubert
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Alice Russo
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Tim Taubert
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Christopher Wood
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Independent Submissions Editor (Eliot Lear)
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Independent Submissions Editor (Eliot Lear)
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Christopher Wood
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Independent Submissions Editor (Eliot Lear)
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Christopher Wood
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Lynne Bartholomew
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Independent Submissions Editor (Eliot Lear)
- Re: [auth48] AUTH48: RFC-to-be 9383 <draft-bar-cf… Lynne Bartholomew