Re: [Cfrg] [irsg] IRSG review of draft-irtf-cfrg-ocb

David McGrew <mcgrew@cisco.com> Fri, 17 January 2014 13:26 UTC

Return-Path: <mcgrew@cisco.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 721791AE0B6; Fri, 17 Jan 2014 05:26:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.039
X-Spam-Level:
X-Spam-Status: No, score=-10.039 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.538, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bBmpBg3G58SU; Fri, 17 Jan 2014 05:25:58 -0800 (PST)
Received: from alln-iport-3.cisco.com (alln-iport-3.cisco.com [173.37.142.90]) by ietfa.amsl.com (Postfix) with ESMTP id 9425A1AE0B3; Fri, 17 Jan 2014 05:25:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3226; q=dns/txt; s=iport; t=1389965146; x=1391174746; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to:content-transfer-encoding; bh=X8Hdb/mSgdoZAWWhvCzMT9jzXVdrSTRjncNJXW88Wy8=; b=NNZb2JjwNpoqaTzNs99PX+OTVTeJlDLAw+VTxNeEqxd0+/hM8TSnwMRS RALykKbTizFDgtHyfuhG+PxbAGZJhfTBlPNoD0hj7V+SuuwbcbHoST5gR Btx8elSCnhzpH4N73DeBXfr1s6I4tCcmIIgyG3BDkv5L0rg3pVH60tGXr I=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AjEFAJFf2FKtJXG+/2dsb2JhbABPCoMLOLtngQ8WdIIlAQEBAwEBAQE1MwMKAQULCxgJFg8JAwIBAgEVMAYNAQUCAgWHcwgNxTQXjFyBRxdFB4Q4BIlHjlqBMYUVi1GDSx4
X-IronPort-AV: E=Sophos;i="4.95,670,1384300800"; d="scan'208";a="13607417"
Received: from rcdn-core2-3.cisco.com ([173.37.113.190]) by alln-iport-3.cisco.com with ESMTP; 17 Jan 2014 13:25:45 +0000
Received: from [10.0.2.15] (rtp-mcgrew-8914.cisco.com [10.117.10.229]) by rcdn-core2-3.cisco.com (8.14.5/8.14.5) with ESMTP id s0HDPiN4025351; Fri, 17 Jan 2014 13:25:45 GMT
Message-ID: <52D92F59.3030800@cisco.com>
Date: Fri, 17 Jan 2014 08:25:45 -0500
From: David McGrew <mcgrew@cisco.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130922 Icedove/17.0.9
MIME-Version: 1.0
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
References: <52CAF84D.2020600@cisco.com> <92C1A824-6009-4F8C-A304-0EC837C3D427@ericsson.com> <20266F45-9F2E-4CBA-A65C-EB315B673BA6@netapp.com> <52D29212.4070205@cisco.com> <52D44320.6020000@cisco.com> <52D4781D.7010800@cs.tcd.ie>
In-Reply-To: <52D4781D.7010800@cs.tcd.ie>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: Kevin Fall <kfall@sei.cmu.edu>, Cfrg@irtf.org, Börje Ohlman <borje.ohlman@ericsson.com>, "irsg@irtf.org" <irsg@irtf.org>
Subject: Re: [Cfrg] [irsg] IRSG review of draft-irtf-cfrg-ocb
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Jan 2014 13:26:00 -0000

Hi Stephen,

thanks again for your timely review.   A comment inline on the process 
crapology:

On 01/13/2014 06:34 PM, Stephen Farrell wrote:
> Hi David,
>
> On 01/13/2014 07:48 PM, David McGrew wrote:
>> So you don't need to look for it: the ticket for draft-irtf-cfrg-ocb
>> http://trac.tools.ietf.org/group/irtf/trac/ticket/55
>>
>> Stephen, thanks for offering to do the review.
> No problem. My review below. My points are all nits. This is
> ready.
>
> - I think s/privacy/confidentiality/g would be a good change.
> Privacy involves more than confidentiality and crypto only
> provides the latter. But this draft is by no means the only
> sinner in this respect.
>
> - "As with most modes of operation, security degrades in the
> square of the number of blocks of texts divided by two to the
> blocklength." That could do with a reference or being expanded a
> bit. The CFRG reader should be ok with it but if/when OCB gets
> some IETF adoption, or when this is read by less crypto-aware
> folk, that will be too terse I think. (The same point is made in
> the security considerations more clearly so maybe could be
> deleted from the earlier section. But maybe its now in twice
> because of someone else's comment;-)
>
> - I didn't check the algorithm description nor examples in
> detail as IRSG review assumes the RG did that.
>
> Process crapology below. CFRG can ignore.
>
> - Section 6 - Its normal to actually ask IANA to do stuff so
> they know what to do when reviewing the draft. And then the text
> is changed by the RFC editor to say that IANA has added etc. No
> big deal because they'll figure it out.
>
> - Not related to this draft: RFC 5116 says AEAD registrations
> SHOULD be reviewed by CFRG.

IANA let me know that they were asking IESG to identify an expert for 
the expert review as per RFC 5116.   I offered to be that person, and I 
did the review and got back to them with an "OK" on the draft.   
Hopefully they will take me at my word regarding that RFC ;-)

I am not sure how the broader process should work relative to IRTF, 
which is a good question.

David

> What if CFRG ceases to exist? Be no
> harm to sometime say who'd inherit that role maybe. I guess if
> the IRTF don't say, and if/when CFRG passes away, then IANA will
> ask the IAB/IRSG/IESG probably and there'll be a minor fuss when
> someone gets the wrong end of the stick. That's one for Lars
> really - what should happen in general with IANA registries
> depending on expired RGs for review? (My take - IRTF chair
> appoints an expert reviewer or two when killing an RG with
> registries and use IRSG list for discussion of requests until
> that gets to be a PITA. But before Lars asks, no, I won't
> write a draft describing that just now:-)
>
> - I note that the IETF tools page doesn't list the IPR for this
> but does for draft-krovetz-ocb. The datatracker page does show
> the IPR correctly. I thought that had been fixed since the
> replaced-by stuff seems right here. Ah well.
>
> Cheers,
> S.
>
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> http://www.irtf.org/mailman/listinfo/cfrg
> .
>