Re: [Cfrg] request for review of IPsec ESP and AH Usage Guidance

Yaron Sheffer <yaronf.ietf@gmail.com> Wed, 03 July 2013 20:04 UTC

Or we could (COULD?) mandate both AES-GMAC and HMAC-256 at the SHOULD 
level for ESP-auth-only, to ensure that we have a fallback hash if 
something goes badly wrong with the primary choice.

Thanks,
	Yaron