[Cfrg] Fwd: [Technical Errata Reported] RFC4086 (3106)

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sun, 05 February 2012 13:59 UTC

More opinions still welcome:-)
Thanks,
Stephen.

-------- Original Message --------
Subject: [Technical Errata Reported] RFC4086 (3106)
Date: Sun,  5 Feb 2012 03:52:37 -0800 (PST)
From: RFC Errata System <rfc-editor@rfc-editor.org>
To: Donald.Eastlake@motorola.com, jis@mit.edu, steve@stevecrocker.com, 
iesg@ietf.org
CC: fw@deneb.enyo.de, rfc-editor@rfc-editor.org


The following errata report has been submitted for RFC4086,
"Randomness Requirements for Security".

--------------------------------------
You may review the report below and at:
http://www.rfc-editor.org/errata_search.php?rfc=4086&eid=3106

--------------------------------------
Type: Technical
Reported by: Florian Weimer <fw@deneb.enyo.de>

Section: 4.4

Original Text
-------------
(see below)

Corrected Text
--------------
(remove entire section)

Notes
-----
Compression is not suitable for de-skewing, even if headers are removed. 
For most compression algorithms, discriminators are known. For instance, 
in gzip output, the most significant bit of each byte is set with a 
frequency somewhat above 0.501 (except for small inputs). This means 
that the output is not uniformly distributed even when looking at 
isolated bytes.

I recommend removal of the entire section.

Instructions:
-------------
This errata is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party (IESG)
can log in to change the status and edit the report, if necessary.

--------------------------------------
RFC4086 (draft-eastlake-randomness2-10)
--------------------------------------
Title               : Randomness Requirements for Security
Publication Date    : June 2005
Author(s)           : D. Eastlake 3rd, J. Schiller, S. Crocker
Category            : BEST CURRENT PRACTICE
Source              : IETF - NON WORKING GROUP
Area                : N/A
Stream              : IETF
Verifying Party     : IESG
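
Added example, not part of the forwarded erratum or of RFC 4086: one way to test a compressor's output for the per-byte bias the Notes describe, by counting how often the most significant bit is set in a header-free DEFLATE stream and scoring the count against a fair-coin expectation. The skewed input is constructed from a seeded PRNG, and the function names, seed and sizes are assumptions of this example.

```python
import math
import random
import zlib


def skewed_source(n, seed=4086):
    """Constructed sample input: n bytes whose bits are 1 with probability 0.25."""
    rng = random.Random(seed)
    # AND of two uniform bytes sets each bit with probability 1/4.
    return bytes(rng.getrandbits(8) & rng.getrandbits(8) for _ in range(n))


def deflate_body(data, level=9):
    """Raw DEFLATE stream (wbits=-15): no gzip/zlib header or trailer."""
    comp = zlib.compressobj(level, zlib.DEFLATED, -15)
    return comp.compress(data) + comp.flush()


def msb_stats(buf):
    """Return (fraction of bytes with bit 7 set, z-score against p = 0.5)."""
    n = len(buf)
    k = sum(b >> 7 for b in buf)
    # Normal approximation to binomial(n, 0.5): mean n/2, variance n/4.
    z = (k - n / 2) / math.sqrt(n / 4)
    return k / n, z


def report(n=1 << 20):
    """Measure the skewed input and its compressed form side by side."""
    raw = skewed_source(n)
    body = deflate_body(raw)
    return {
        "input (fraction, z)": msb_stats(raw),
        "deflate (fraction, z)": msb_stats(body),
        "compressed/input size": len(body) / len(raw),
    }


if __name__ == "__main__":
    for name, value in report().items():
        print(name, value)
```

A z-score that stays several standard deviations from zero as the input grows marks the stream as distinguishable from uniform on this single-bit statistic; a score near zero says nothing about other statistics.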