Re: [babel] Comments on the MAC authentication for Babel draft

David Schinazi <dschinazi.ietf@gmail.com> Wed, 26 August 2020 18:09 UTC

From: David Schinazi <dschinazi.ietf@gmail.com>
Date: Wed, 26 Aug 2020 11:08:46 -0700
Message-ID: <CAPDSy+7DaR2RTJ5cdf02=ECSgbaDN=14Spdz3U6D1NvZed25CA@mail.gmail.com>
To: Antonin Décimo <antonin.decimo@gmail.com>
Cc: Juliusz Chroboczek <jch@irif.fr>, Babel at IETF <babel@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/-J4P86y0FOh-LgIU1IMmo-Zyrh4>

To be slightly pedantic about the IETF process here
(chairs, please correct me if I'm wrong), it's not too late
to make editorial changes to the document. It is too
late to make big technical changes, as that would require
the relevant ADs to re-review the document, but as authors
you can feel free to clarify the wording. Another option is that
you'll be able to also change wording during AUTH48 (one
of the very last steps of the process where the authors go
back and forth with the RFC Editor to get all the editorial
details right). All that will be required is for the responsible
AD (in this case Martin Vigoureux) to review the AUTH48
changes and confirm that they are editorial. I would suggest
making small editorial changes now right before we send
this off to the RFC Editor.

David

On Wed, Aug 26, 2020 at 5:22 AM Antonin Décimo <antonin.decimo@gmail.com>
wrote:

> > > 1. Key length
> >
> > I disagree. Using 64 octets for SHA-256 gives no additional security.
> >
> > https://crypto.stackexchange.com/questions/34864/key-size-for-hmac-sha256
>
> Ok, thanks.
>
> > > 2. Digest length
> > when a key is configured in a router, it is configured together with
> > the associated algorithm. The algorithm implies a digest length.
>
> Ah, I see. This is just what I had missed.
>
>
> Thanks for reviewing my comments. I don’t see any bugs left in the
> draft. I’m sorry to see that it’s too late for clarifications.
>
> -- Antonin