Re: [Crypto-panel] [Cfrg] Fwd: Rev RFC 7539?

"Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk> Thu, 02 February 2017 14:56 UTC

To: Yoav Nir <ynir.ietf@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/crypto-panel/rL3B7YD9O7upWkOQ9TrDaJTTB-Y>
Cc: "crypto-panel@irtf.org" <crypto-panel@irtf.org>, Alexey Melnikov <alexey.melnikov@isode.com>, Russ Housley <housley@vigilsec.com>, "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>

Thanks Yoav!

Stanislav, Russ, if you have some time, could you please take another
quick pass and see if your comments are all properly addressed? We can
then go to the list and invite further comments from the wider group.

Cheers,

Kenny 

On 30/01/2017 15:46, "Yoav Nir" <ynir.ietf@gmail.com> wrote:

>Hi.
>
>
>So I’ve just posted version -01.  Changes include:
>
>* Reworded the abstract introduction to avoid saying that the document
>does not introduce any new crypto (the composition of ChaCha20 and
>Poly1305 was in fact novel)
>* Replaced “papers by D. J. Bernstein” with actual references.
>* Removed numbering and bullets from lists of formulas.
>* Converted all “rotation” to “roll” for consistency.
>* Changed the variable name in inner_block() from “working_state” to
>“initial_state”
>* Explained the pipe (“|”) character and bitwise AND assignment (“&=”) in
>formulas.
>* Removed discussion of potential use in ESP and TLS. Both algorithms
>have RFCs by now.
>* Removed discussion of using HMAC for PRF.
>* Clarified that a 64- (or 128- or 256-) bit cipher refers to block size,
>not to key size.
>* Addressed Jim Schaad’s comment that the tag MUST NOT be truncated (that
>was the little extra text in the Security Considerations)
>* A few more editorial fixes
>
>
>
>
>https://tools.ietf.org/html/draft-nir-cfrg-rfc7539bis-01
>
>
>Yoav
>
>
>On 19 Jan 2017, at 13:13, Yoav Nir <ynir.ietf@gmail.com> wrote:
>
>I will make a new version by next week.
>
>
>Yoav
>
>
>On 19 Jan 2017, at 13:08, Paterson, Kenny <Kenny.Paterson@rhul.ac.uk> wrote:
>
>Dear Stanislav,
>
>
>Thanks very much for your quick action here - Yoav now has a total of 3
>detailed reviews to work from - 2 from the panel and one from John
>Mattsson on list.
>
>
>This is exactly how the review panel should work :-)
>
>Regards,
>
>
>Kenny
>
>
>
>On 19 Jan 2017, at 11:52, Stanislav V. Smyshlyaev <smyshsv@gmail.com> wrote:
>
>
>
>Good afternoon, dear colleagues!
>
>
>I've sent the review to the CFRG mailing list.
>
>
>Best regards,
>Stanislav
>
>2017-01-19 13:41 GMT+03:00 Paterson, Kenny <Kenny.Paterson@rhul.ac.uk>:
>
>Russ,
>
>Thanks for the speedy feedback.
>
>Best wishes,
>
>Kenny
>
>Sent from my iPhone
>
>> On 18 Jan 2017, at 19:41, Russ Housley <housley@vigilsec.com> wrote:
>>
>> I just sent the review.
>>
>>
>>> On Jan 18, 2017, at 9:45 AM, Paterson, Kenny <Kenny.Paterson@rhul.ac.uk> wrote:
>>>
>>> Hi Russ,
>>>
>>> Thanks for offering. Stanislav also volunteered, but I think having two
>>> independent reviews will do no harm at all here, since the intention is to
>>> catch as many things as possible. So please go ahead in your suggested
>>> timeframe.
>>>
>>> We didn't quite settle on a mechanism for handling these reviews yet, but
>>> in this case I'd suggest e-mailing your comments to CFRG in the
>>> appropriate thread once they are ready.
>>>
>>> Thanks again,
>>>
>>> Kenny
>>>
>>>
>>>
>>>> On 17/01/2017 15:53, "Russ Housley" <housley@vigilsec.com> wrote:
>>>>
>>>> I can do it late this week or early next week.
>>>>
>>>> Russ
>>>>
>>>>
>>>> On Jan 17, 2017, at 6:16 AM, Paterson, Kenny <Kenny.Paterson@rhul.ac.uk> wrote:
>>>>
>>>>> Dear CFRG Review Panel members,
>>>>>
>>>>> Please could we have a volunteer to review this document from Yoav Nir?
>>>>>
>>>>> The document is a proposed revision to RFC 7539 ("ChaCha20 and Poly1305
>>>>> for IETF Protocols") to address a number of errata that were found in
>>>>> the original RFC in a systematic way.
>>>>>
>>>>> The purpose of the review would be to check that the corrections make
>>>>> sense and to try to identify any further glitches that remain.
>>>>> Additional remarks would be welcome of course.
>>>>>
>>>>> If you volunteer, it would be helpful to also indicate a time-scale for
>>>>> delivering your review.
>>>>>
>>>>> Regards,
>>>>>
>>>>> Kenny
>>>>>
>>>>> On 12/01/2017 06:24, "Cfrg on behalf of Yoav Nir"
>>>>> <cfrg-bounces@irtf.org on behalf of ynir.ietf@gmail.com> wrote:
>>>>>
>>>>>> Reminder.
>>>>>>
>>>>>>
>>>>>> Is there interest in pushing this forward?
>>>>>>
>>>>>>
>>>>>> Yoav
>>>>>>
>>>>>>
>>>>>> Begin forwarded message:
>>>>>>
>>>>>> From: Yoav Nir <ynir.ietf@gmail.com>
>>>>>>
>>>>>> Subject: Re: [Cfrg] Rev RFC 7539?
>>>>>>
>>>>>> Date: 16 November 2016 at 9:09:11 GMT+2
>>>>>>
>>>>>> To: Sean Turner <sean@sn3rd.com>
>>>>>>
>>>>>> Cc: IRTF CFRG <cfrg@irtf.org>
>>>>>>
>>>>>>
>>>>>> Cycles found.
>>>>>>
>>>>>>
>>>>>> Attached please find two files:
>>>>>> 1. rfc7539_long.txt is RFC 7539 with page breaks and page numbers
>>>>>> removed.
>>>>>> 2. draft-nir-cfrg-rfc7539bis-00.raw.txt
>>>>>> is the unpaginated form of the new draft.
>>>>>>
>>>>>>
>>>>>> Couldn’t do much about the boilerplate, but this makes it easy to
>>>>>> compare.
>>>>>>
>>>>>>
>>>>>> Yoav
>>>>>>
>>>>>>
>>>>>> On 16 Nov 2016, at 10:06, Sean Turner <sean@sn3rd.com> wrote:
>>>>>>
>>>>>> +1 - if you got the cycles.
>>>>>>
>>>>>> spt
>>>>>>
>>>>>>
>>>>>> On Nov 14, 2016, at 15:55, Eric Rescorla <ekr@rtfm.com> wrote:
>>>>>>
>>>>>> This seems like a good plan.
>>>>>>
>>>>>> -Ekr
>>>>>>
>>>>>>
>>>>>> On Mon, Nov 14, 2016 at 3:32 PM, Yoav Nir <ynir.ietf@gmail.com> wrote:
>>>>>> Hi
>>>>>>
>>>>>> RFC 7539 (“ChaCha20 and Poly1305 for IETF Protocols”)[1] is now
>>>>>> implemented in many places and referenced by 3 RFCs and 8 Internet
>>>>>> Drafts ([2])
>>>>>>
>>>>>> However, the quality of the document is not where we’d like it to be.
>>>>>> There have been 7 errata filed against it. Most of it is editorial or
>>>>>> insignificant, but still no errata is better than some errata.
>>>>>>
>>>>>> So what do the participants and chairs think about spinning up a
>>>>>> quick[4] rfc7539bis that has the same text, except that the errata
>>>>>> will be merged in?
>>>>>>
>>>>>> I think such a document should be fairly easy and quick.
>>>>>>
>>>>>> Yoav
>>>>>>
>>>>>> P.S: and yes, of course I’m volunteering to write it.
>>>>>>
>>>>>> [1] https://tools.ietf.org/html/rfc7539
>>>>>> [2] https://datatracker.ietf.org/doc/rfc7539/referencedby/
>>>>>> [3] https://www.rfc-editor.org/errata_search.php?rfc=7539
>>>>>> [4] My spell check actually corrected “quick” to “quic”. The contents
>>>>>> of my mails are veering far away from regular English.
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Cfrg mailing list
>>>>>> Cfrg@irtf.org
>>>>>> https://www.irtf.org/mailman/listinfo/cfrg
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> <draft-nir-cfrg-rfc7539bis-00.raw.txt><rfc7539_long.txt>
>>>>> _______________________________________________
>>>>> Crypto-panel mailing list
>>>>> Crypto-panel@irtf.org
>>>>> https://www.irtf.org/mailman/listinfo/crypto-panel
>>>>
>>>
>>
>