Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00

Greg Rose <ggr@seer-grog.net> Wed, 06 February 2013 15:42 UTC

Return-Path: <ggr@seer-grog.net>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA28021F85F3 for <cfrg@ietfa.amsl.com>; Wed, 6 Feb 2013 07:42:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.8
X-Spam-Level:
X-Spam-Status: No, score=-1.8 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, SARE_SUB_RAND_LETTRS4=0.799]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mSSeiuw0yBfX for <cfrg@ietfa.amsl.com>; Wed, 6 Feb 2013 07:42:09 -0800 (PST)
Received: from homiemail-a22.g.dreamhost.com (caiajhbdcaid.dreamhost.com [208.97.132.83]) by ietfa.amsl.com (Postfix) with ESMTP id EE48121F8589 for <cfrg@irtf.org>; Wed, 6 Feb 2013 07:42:08 -0800 (PST)
Received: from homiemail-a22.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a22.g.dreamhost.com (Postfix) with ESMTP id 577121A8076; Wed, 6 Feb 2013 07:42:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=seer-grog.net; h=subject :mime-version:content-type:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; s= seer-grog.net; bh=DgCo4ZWBtv0IyMAp+V9Hn+YrsHk=; b=FJ3ly/1E1y3Jv7 BeAMqSO3CNYdpkpglq+ohDZA5rsxz7IKf8YCb69ab8Pd85GK69h747xCpFLKC+si w30117VWFHVZyN2RV3j8ewdf1l1/BbCHJo4L4O2+RH6VYlUpEUNz3p26B686sx6S amoEqEypFwpnuTt2worjOZWIBo8LU=
Received: from [10.0.1.3] (cpe-76-93-178-79.san.res.rr.com [76.93.178.79]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: ggr@seer-grog.net) by homiemail-a22.g.dreamhost.com (Postfix) with ESMTPSA id 0B20E1A8069; Wed, 6 Feb 2013 07:42:08 -0800 (PST)
Mime-Version: 1.0 (Apple Message framework v1085)
Content-Type: text/plain; charset=windows-1252
From: Greg Rose <ggr@seer-grog.net>
In-Reply-To: <3C4AAD4B5304AB44A6BA85173B4675CA68C0113E@MSMR-GH1-UEA03.corp.nsa.gov>
Date: Wed, 6 Feb 2013 07:42:07 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <452F0111-0FB7-4F57-AA45-AE5E2536777F@seer-grog.net>
References: <3C4AAD4B5304AB44A6BA85173B4675CA68C0113E@MSMR-GH1-UEA03.corp.nsa.gov>
To: "Igoe, Kevin M." <kmigoe@nsa.gov>
X-Mailer: Apple Mail (2.1085)
Cc: Greg Rose <ggr@seer-grog.net>, "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] RG Last Call - draft-irtf-cfrg-ocb-00
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Feb 2013 15:42:09 -0000

On 2013 Feb 6, at 6:43 , Igoe, Kevin M. wrote:

> There must be a statement in the abstract identifying it as the product of the RG 
>      How about this:  “This document is a product of the Crypto Forum Research Group (CFRG).”

No, it isn't. I for one haven't even read it.
>  
> ----------------------------------------------------------------------------
> There must be a paragraph near the beginning (for example, in the introduction) describing
> the level of support for publication. Example text might read: "this document represents
> the consensus of the FOOBAR RG" or "the views in this document were considered controversial
> by the FOOBAR RG but the RG reached a consensus that the document should still be published".
>  
>      Aside from IPR issues (sigh), there is nothing controversial here.  I suggest putting in a phrase
>     like:
>  
>          “OCB has received years of in-depth analysis previous to its submission to the CFRG
>            (see [4] and [5]), and has been under review by the members of the CFRG for almost
>            a year.  It is the consensus of the CFRG that the security mechanisms provided by the
>            OCB AEAD algorithm described in this document are suitable for use in providing privacy
>           and authentication.”
>  
>     You might want to add a reference that isn’t behind a paywall, say IACR ePrint 2001/026.   

Knowing the background and the authors, I can go along with "consensus". But in some standards bodies (I don't actually do all that much with IETF so I don't know the true position here) the word "consensus" has a defined meaning. I'm not sure we correctly can use it...

Greg.