[AVTCORE] [IANA #1287104] [Errata Verified] RFC7714 (4938)

Amanda Baber via RT <iana-matrix@iana.org> Sat, 25 November 2023 03:24 UTC

Hi,

Should this errata report be listed as an additional reference for any of the registrations made by this document? See

https://www.iana.org/assignments/mikey-payloads
https://www.iana.org/assignments/sdp-security-descriptions
https://www.iana.org/assignments/srtp-protection

thanks,

Amanda Baber
IANA Operations Manager

On Wed Nov 08 08:41:52 2023, rfc-editor@rfc-editor.org wrote:
> The following errata report has been verified for RFC7714,
>  "AES-GCM Authenticated Encryption in the Secure Real-time Transport
> Protocol (SRTP)".
> 
> --------------------------------------
> You may review the report below and at:
> https://www.rfc-editor.org/errata/eid4938
> 
> --------------------------------------
> Status: Verified
> Type: Technical
> 
> Reported by: Paul E. Jones <paulej@packetizer.com>
> Date Reported: 2017-02-16
> Verified by: Murray Kucherawy (IESG)
> 
> Section: 11
> 
> Original Text
> -------------
> A Key Derivation Function (KDF) is used to derive all of the required
> encryption and authentication keys from a secret value shared by the
> endpoints.  The AEAD_AES_128_GCM algorithm MUST use the (128-bit)
> AES_CM PRF KDF described in [RFC3711].  AEAD_AES_256_GCM MUST use the
> AES_256_CM_PRF KDF described in [RFC6188].
> 
> Corrected Text
> --------------
> A Key Derivation Function (KDF) is used to derive all of the required
> encryption and authentication keys from a secret value shared by the
> endpoints.  The AEAD_AES_128_GCM algorithm MUST use the (128-bit)
> AES_CM PRF KDF described in [RFC3711].  AEAD_AES_256_GCM MUST use the
> AES_256_CM_PRF KDF described in [RFC6188].  Since the KDF functions in
> those RFCs assume as input a 112-bit master salt, the 96-bit master
> salt specified in this document must be multiplied by 2^16 to form the
> 112-bit salt used as the master salt in those key derivation
> functions.
> 
> Notes
> -----
> The salt specified in RFC 7714 is 96 bits in length, but intended for
> use in KDF functions defined in RFC 3711.  This led to different
> interpretations when implementing this RFC.  A more complete
> description was presented on the avtcore mailing list
> (https://mailarchive.ietf.org/arch/msg/avt/IRfLuNKglD3qhqwSz3v3t0CG6fA)
> and, after some dialog, there seemed to be agreement to adopt the
> approach most widely implemented
> (https://mailarchive.ietf.org/arch/msg/avt/-C1cIWQXpyzS2KfBjGR6B2kK92w).
> This suggested text is intended to
> reflect that agreement.  In effect, 16 zero bits are padded to the
> right of the salt value defined in RFC 7714 (creating a 112 bit salt
> value) before it is used as described in the KDF functions defined in
> RFC 3711 that require a 112 bit salt value.
> 
> --------------------------------------
> RFC7714 (draft-ietf-avtcore-srtp-aes-gcm-17)
> --------------------------------------
> Title               : AES-GCM Authenticated Encryption in the Secure
> Real-time Transport Protocol (SRTP)
> Publication Date    : December 2015
> Author(s)           : D. McGrew, K. Igoe
> Category            : PROPOSED STANDARD
> Source              : Audio/Video Transport Core Maintenance
> Area                : Applications and Real-Time
> Stream              : IETF
> Verifying Party     : IESG