Re: [babel] Some open HMAC issues

David Schinazi <dschinazi@apple.com> Mon, 02 July 2018 16:30 UTC

From: David Schinazi <dschinazi@apple.com>
In-reply-to: <87sh523xy8.wl-jch@irif.fr>
Date: Mon, 02 Jul 2018 09:30:21 -0700
Cc: Clara Dô <clarado_perso@yahoo.fr>, Weronika Kołodziejak <weronika.kolodziejak@gmail.com>, babel@ietf.org
Message-id: <7E5E0D4C-0049-47D1-ACFA-31EA0F843237@apple.com>
References: <87sh545st3.wl-jch@irif.fr> <411E2C9F-A910-4899-8DD7-92C0C85EBC54@apple.com> <87sh523xy8.wl-jch@irif.fr>
To: Juliusz Chroboczek <jch@irif.fr>
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/1w4NFj_S2BoDyXgklYaCP_iiAkg>

>> 10. KeyID
> 
>> I think there is value in having a KeyID next to the HMAC to allow better
>> performance when using multiple keys. RFC 7298 had a 16-bit KeyID,
>> and that sounded reasonable to me.
> 
> Please describe the user interface to that.

I'm not very familiar with the babeld user interface / config file,
but I assume you have a place where you set either what the raw key value
is or what the path to the key file is. Next to there you would add an integer.
All nodes need to configure the same key; making sure they configure the
same integer with that key sounds straightforward enough?

David
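
The following is an added example, not part of the original message and not code from babeld or from any draft: it shows the performance argument for carrying a KeyID next to the HMAC by counting HMAC computations per packet with and without it. The trailer layout (2-byte KeyID followed by the tag), the use of HMAC-SHA256, the key table and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Constructed key table: 16-bit KeyID -> shared secret, as a node might load
# it from configuration (the key plus the integer configured next to it).
KEYS = {
    1: b"constructed-old-key",
    2: b"constructed-current-key",
    7: b"constructed-next-key",
}
TRAILER_LEN = 2 + 32  # assumed layout: KeyID (network order) + SHA-256 tag

def sign(key_id, body):
    """Return body || KeyID || HMAC-SHA256(key, body)."""
    tag = hmac.new(KEYS[key_id], body, hashlib.sha256).digest()
    return body + struct.pack("!H", key_id) + tag

def verify_with_key_id(packet):
    """Select the key by KeyID. Returns (valid, hmac_computations)."""
    if len(packet) < TRAILER_LEN:
        return False, 0
    body, trailer = packet[:-TRAILER_LEN], packet[-TRAILER_LEN:]
    (key_id,) = struct.unpack("!H", trailer[:2])
    key = KEYS.get(key_id)
    if key is None:
        return False, 0  # unknown KeyID: rejected without hashing
    expected = hmac.new(key, body, hashlib.sha256).digest()
    return hmac.compare_digest(expected, trailer[2:]), 1

def verify_trying_all_keys(packet):
    """Ignore the KeyID and try every configured key in turn."""
    if len(packet) < TRAILER_LEN:
        return False, 0
    body, tag = packet[:-TRAILER_LEN], packet[-32:]
    tried = 0
    for key in KEYS.values():
        tried += 1
        candidate = hmac.new(key, body, hashlib.sha256).digest()
        if hmac.compare_digest(candidate, tag):
            return True, tried
    return False, tried  # a bad packet costs one HMAC per configured key
```

With a KeyID the receiver does at most one HMAC computation per packet, including for packets that fail verification; without it, every invalid packet costs as many computations as there are configured keys.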