Re: [Cfrg] RFC 7664 on Dragonfly Key Exchange
Andy Lutomirski <luto@amacapital.net> Thu, 12 November 2015 04:04 UTC
Return-Path: <luto@amacapital.net>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A8111A90F4 for <cfrg@ietfa.amsl.com>; Wed, 11 Nov 2015 20:04:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.279
X-Spam-Level:
X-Spam-Status: No, score=-1.279 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HqkcakNqUOSo for <cfrg@ietfa.amsl.com>; Wed, 11 Nov 2015 20:04:48 -0800 (PST)
Received: from mail-oi0-x22b.google.com (mail-oi0-x22b.google.com [IPv6:2607:f8b0:4003:c06::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1028B1A90EE for <cfrg@irtf.org>; Wed, 11 Nov 2015 20:04:48 -0800 (PST)
Received: by oixx65 with SMTP id x65so15169026oix.0 for <cfrg@irtf.org>; Wed, 11 Nov 2015 20:04:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amacapital_net.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=YsBab3OvPtWrsT3AOWjCP4TtHdNJyws2uBLI/W5pULo=; b=jy/rqx/XjVOPldnlLU/E4Wc8EG7UyB4oPVMhp9Msj8ccTtBmTWMFSLPPPelfBiMOq+ 0/OlytdU+eeIxtfx/MSNuKuSyBabOZqOCAG7YhALzAwsGeFcifSiEcVoPG0rKdiZ/5AV 0YsKGPhnpCNc5K/gdQKApZRmfhJXgA/Xpo5QoS9/eyh7EVXEftUnzrfJJc5uoXwq/miz GaKQ0L9losHwA1x9D9ZRCxOfC8o8nwVxoz3hmFH2OWTCPvgkms64FJNpCp9wA8QRjHcV Qx1h82TTKCncJJv4JdnJIk6R7QK+3ezPgqQ9E0bd0Uznh0hH+XOr1EULYD0H2l9tY//A m1ng==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=YsBab3OvPtWrsT3AOWjCP4TtHdNJyws2uBLI/W5pULo=; b=cuOOH1RkHxNlZkcE5w0QIEXZBRgqQAIkfYyJnoh7gf1Zf1J7eyauf5NSnq2eRQWBQz RvaKXUbbEKVDAlCn9S5Sk3Qq2iVktDPhsexBM3Z9lPWEYdRV3Lbrnk0eihzkD2KhIcym jk7O6RtJ0v5LDkKnVf9tzPi+WBOwzop/Y02TF/9DcNmwWFMhatAV2gBY7KVPAq8qsCmv gIXGVBL79GBiJSFX7hXhGDrNQyp5amGKDXMW2lmt7fQl+mHrP6kjL7gS+OdHUjRvt18C m01sbVt5GMtPCYNBBr462a5WAiSU4P3yNrTJX76N0TxKPZsuhHTf96L+0/I6B6Mp6JMS p4DA==
X-Gm-Message-State: ALoCoQmwhxCgYTA09liJlr7XciSKEMcz3DENJTI2jbV5zPTN+pekntKwZA5HhdOjOKvm8Z7ET9vR
X-Received: by 10.202.216.139 with SMTP id p133mr6493109oig.25.1447301087386; Wed, 11 Nov 2015 20:04:47 -0800 (PST)
MIME-Version: 1.0
Received: by 10.202.44.71 with HTTP; Wed, 11 Nov 2015 20:04:27 -0800 (PST)
In-Reply-To: <CAHOTMVKnrjeLVi9tgXNBAp8ib4-ECQU-aG4jD9sqh9=1-7P38w@mail.gmail.com>
References: <20151112010004.7D71718000B@rfc-editor.org> <CACsn0cmK5bicERd17PMdha3P2V0rfFfQP11WzQ=trF7e=oDKpA@mail.gmail.com> <CAHOTMVKnrjeLVi9tgXNBAp8ib4-ECQU-aG4jD9sqh9=1-7P38w@mail.gmail.com>
From: Andy Lutomirski <luto@amacapital.net>
Date: Wed, 11 Nov 2015 20:04:27 -0800
Message-ID: <CALCETrUkJ4y2HvhbAiP6+eg04NiQsNRY9uj_Ya=2-sXSQS-SOw@mail.gmail.com>
To: Tony Arcieri <bascule@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/SmSecFY7wT6hWwpGv2zQHFM3OC0>
Cc: "cfrg@irtf.org" <cfrg@irtf.org>, rfc-dist@rfc-editor.org, rfc-editor@rfc-editor.org
Subject: Re: [Cfrg] RFC 7664 on Dragonfly Key Exchange
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Nov 2015 04:04:49 -0000
On Wed, Nov 11, 2015 at 7:12 PM, Tony Arcieri <bascule@gmail.com> wrote: > On Wed, Nov 11, 2015 at 5:18 PM, Watson Ladd <watsonbladd@gmail.com> wrote: >> >> Dear all, >> This protocol does not match the one whose security was proven. The >> modification is cheap: include identities in the Confirmation >> Exchange. It's specifically suggested in the text. Why was this not >> done? > > > I second this and also I find the "Security Considerations" section of this > draft incredibly misleading. Specifically it claims: > > I don't think it's a draft. I think it's for real. This change happened between draft 8 and the published RFC: https://www.ietf.org/rfcdiff?url1=draft-irtf-cfrg-dragonfly-08&url2=rfc7664&difftype=--html AFAICT this changed in the editing process. I don't know what, if anything, can be done about this at this point, but arguably an erratum should be published or this RFC should be withdrawn. Also, this seems odd to me. Why is there no final consensus call on the document that is actually intended to be final? ISTM there's very little chance that this particular document would receive consensus. --Andy
- [Cfrg] RFC 7664 on Dragonfly Key Exchange rfc-editor
- Re: [Cfrg] RFC 7664 on Dragonfly Key Exchange Watson Ladd
- Re: [Cfrg] RFC 7664 on Dragonfly Key Exchange Tony Arcieri
- Re: [Cfrg] RFC 7664 on Dragonfly Key Exchange Andy Lutomirski
- Re: [Cfrg] RFC 7664 on Dragonfly Key Exchange Dan Harkins
- Re: [Cfrg] RFC 7664 on Dragonfly Key Exchange Tony Arcieri
- Re: [Cfrg] RFC 7664 on Dragonfly Key Exchange Dan Harkins
- Re: [Cfrg] RFC 7664 on Dragonfly Key Exchange Andy Lutomirski