Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00

"Igoe, Kevin M." <kmigoe@nsa.gov> Wed, 06 February 2013 14:43 UTC

Return-Path: <kmigoe@nsa.gov>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BA8F021F868D for <cfrg@ietfa.amsl.com>; Wed, 6 Feb 2013 06:43:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.999
X-Spam-Level:
X-Spam-Status: No, score=-9.999 tagged_above=-999 required=5 tests=[AWL=-0.200, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, SARE_SUB_RAND_LETTRS4=0.799]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s7epMVFtKqvw for <cfrg@ietfa.amsl.com>; Wed, 6 Feb 2013 06:43:33 -0800 (PST)
Received: from nsa.gov (emvm-gh1-uea08.nsa.gov [63.239.67.9]) by ietfa.amsl.com (Postfix) with ESMTP id 00D8221F8472 for <cfrg@irtf.org>; Wed, 6 Feb 2013 06:43:32 -0800 (PST)
X-TM-IMSS-Message-ID: <3330986600051149@nsa.gov>
Received: from MSHT-GH1-UEA02.corp.nsa.gov ([10.215.227.181]) by nsa.gov ([63.239.67.9]) with ESMTP (TREND IMSS SMTP Service 7.1; TLSv1/SSLv3 AES128-SHA (128/128)) id 3330986600051149 ; Wed, 6 Feb 2013 09:42:35 -0500
Received: from MSMR-GH1-UEA06.corp.nsa.gov (10.215.225.2) by MSHT-GH1-UEA02.corp.nsa.gov (10.215.227.181) with Microsoft SMTP Server (TLS) id 14.1.289.1; Wed, 6 Feb 2013 09:43:32 -0500
Received: from MSMR-GH1-UEA03.corp.nsa.gov ([10.215.224.3]) by MSMR-GH1-UEA06.corp.nsa.gov ([10.215.225.2]) with mapi id 14.01.0289.001; Wed, 6 Feb 2013 09:43:31 -0500
From: "Igoe, Kevin M." <kmigoe@nsa.gov>
To: "cfrg@irtf.org" <cfrg@irtf.org>
Thread-Topic: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00
Thread-Index: Ac4EeFT8GmebuNaUQ0GBYm0YMPoqdw==
Date: Wed, 6 Feb 2013 14:43:30 +0000
Message-ID: <3C4AAD4B5304AB44A6BA85173B4675CA68C0113E@MSMR-GH1-UEA03.corp.nsa.gov>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.215.225.46]
Content-Type: multipart/alternative; boundary="_000_3C4AAD4B5304AB44A6BA85173B4675CA68C0113EMSMRGH1UEA03cor_"
MIME-Version: 1.0
Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Feb 2013 14:43:34 -0000

Looking at the IRTF requirements (which differ slightly from the IETF's),
as described at

  http://wiki.tools.ietf.org/group/irtf/trac/wiki/IRTF-RFCs#

there are a few key phrases that need to be worked in
(see the section of Research Group Preparation).


----------------------------------------------------------------------------
There must be a statement in the abstract identifying it as the product of the RG


     How about this:  "This document is a product of the Crypto Forum Research Group (CFRG)."

----------------------------------------------------------------------------
There must be a paragraph near the beginning (for example, in the introduction) describing
the level of support for publication. Example text might read: "this document represents
the consensus of the FOOBAR RG" or "the views in this document were considered controversial
by the FOOBAR RG but the RG reached a consensus that the document should still be published".

     Aside from IPR issues (sigh), there is nothing controversial here.  I suggest putting in a phrase
    like:

         "OCB has received years of in-depth analysis previous to its submission to the CFRG
           (see [4] and [5]), and has been under review by the members of the CFRG for almost
           a year.  It is the consensus of the CFRG that the security mechanisms provided by the
           OCB AEAD algorithm described in this document are suitable for use in providing privacy
          and authentication."

    You might want to add a reference that isn't behind a paywall, say IACR ePrint 2001/026.

----------------------------------------------------------------------------
The breadth of review the document has received must also be noted. For example, was this
 document read by all the active contributors, only three people, or folks who are not "in" the
RG but are expert in the area?

   I think the text abpve covers that.


----------------+--------------------------------------------------
Kevin M. Igoe   | "We can't solve problems by using the same kind
kmigoe@nsa.gov  | of thinking we used when we created them."
                |              - Albert Einstein -
----------------+--------------------------------------------------