Re: [Cfrg] [irsg] IRSG review of draft-irtf-cfrg-ocb

David McGrew <> Fri, 17 January 2014 13:26 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 721791AE0B6; Fri, 17 Jan 2014 05:26:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -10.039
X-Spam-Status: No, score=-10.039 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.538, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id bBmpBg3G58SU; Fri, 17 Jan 2014 05:25:58 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 9425A1AE0B3; Fri, 17 Jan 2014 05:25:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=3226; q=dns/txt; s=iport; t=1389965146; x=1391174746; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to:content-transfer-encoding; bh=X8Hdb/mSgdoZAWWhvCzMT9jzXVdrSTRjncNJXW88Wy8=; b=NNZb2JjwNpoqaTzNs99PX+OTVTeJlDLAw+VTxNeEqxd0+/hM8TSnwMRS RALykKbTizFDgtHyfuhG+PxbAGZJhfTBlPNoD0hj7V+SuuwbcbHoST5gR Btx8elSCnhzpH4N73DeBXfr1s6I4tCcmIIgyG3BDkv5L0rg3pVH60tGXr I=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="4.95,670,1384300800"; d="scan'208";a="13607417"
Received: from ([]) by with ESMTP; 17 Jan 2014 13:25:45 +0000
Received: from [] ( []) by (8.14.5/8.14.5) with ESMTP id s0HDPiN4025351; Fri, 17 Jan 2014 13:25:45 GMT
Message-ID: <>
Date: Fri, 17 Jan 2014 08:25:45 -0500
From: David McGrew <>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130922 Icedove/17.0.9
MIME-Version: 1.0
To: Stephen Farrell <>
References: <> <> <> <> <> <>
In-Reply-To: <>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Kevin Fall <>,, =?ISO-8859-1?Q?B=F6rje_Ohlman?= <>, "" <>
Subject: Re: [Cfrg] [irsg] IRSG review of draft-irtf-cfrg-ocb
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 17 Jan 2014 13:26:00 -0000

Hi Stephen,

thanks again for your timely review.   A comment inline on the process 

On 01/13/2014 06:34 PM, Stephen Farrell wrote:
> Hi David,
> On 01/13/2014 07:48 PM, David McGrew wrote:
>> So you don't need to look for it: the ticket for draft-irtf-cfrg-ocb
>> Stephen, thanks for offering to do the review.
> No problem. My review below. My points are all nits. This is
> ready.
> - I think s/privacy/confidentiality/g would be a good change.
> Privacy involves more than confidentiality and crypto only
> provides the latter. But this draft is by no means the only
> sinner in this respect.
> - "As with most modes of operation, security degrades in the
> square of the number of blocks of texts divided by two to the
> blocklength." That could do with a reference or being expanded a
> bit. The CFRG reader should be ok with it but if/when OCB gets
> some IETF adoption, or when this is read by less crypto-aware
> folk, that will be too terse I think. (The same point is made in
> the security considerations more clearly so maybe could be
> deleted from the earlier section. But maybe its now in twice
> because of someone else's comment;-)
> - I didn't check the algorithm description nor examples in
> detail as IRSG review assumes the RG did that.
> Process crapology below. CFRG can ignore.
> - Section 6 - Its normal to actually ask IANA to do stuff so
> they know what to do when reviewing the draft. And then the text
> is changed by the RFC editor to say that IANA has added etc. No
> big deal because they'll figure it out.
> - Not related to this draft: RFC 5116 says AEAD registrations
> SHOULD be reviewed by CFRG.

IANA let me know that they were asking IESG to identify an expert for 
the expert review as per RFC 5116.   I offered to be that person, and I 
did the review and got back to them with an "OK" on the draft.   
Hopefully they will take me at my word regarding that RFC ;-)

I am not sure how the broader process should work relative to IRTF, 
which is a good question.


> What if CFRG ceases to exist? Be no
> harm to sometime say who'd inherit that role maybe. I guess if
> the IRTF don't say, and if/when CFRG passes away, then IANA will
> ask the IAB/IRSG/IESG probably and there'll be a minor fuss when
> someone gets the wrong end of the stick. That's one for Lars
> really - what should happen in general with IANA registries
> depending on expired RGs for review? (My take - IRTF chair
> appoints an expert reviewer or two when killing an RG with
> registries and use IRSG list for discussion of requests until
> that gets to be a PITA. But before Lars asks, no, I won't
> write a draft describing that just now:-)
> - I note that the IETF tools page doesn't list the IPR for this
> but does for draft-krovetz-ocb. The datatracker page does show
> the IPR correctly. I thought that had been fixed since the
> replaced-by stuff seems right here. Ah well.
> Cheers,
> S.
> _______________________________________________
> Cfrg mailing list
> .