[Curdle] Review of draft-kaduk-kitten-des-des-des-die-die-die-01
Greg Hudson <ghudson@mit.edu> Wed, 17 May 2017 15:59 UTC
Return-Path: <ghudson@mit.edu>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9EC7612EB61 for <curdle@ietfa.amsl.com>; Wed, 17 May 2017 08:59:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.502
X-Spam-Level:
X-Spam-Status: No, score=-1.502 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RjzJdJgEMBxV for <curdle@ietfa.amsl.com>; Wed, 17 May 2017 08:59:52 -0700 (PDT)
Received: from dmz-mailsec-scanner-7.mit.edu (dmz-mailsec-scanner-7.mit.edu [18.7.68.36]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C3DC12EAD5 for <curdle@ietf.org>; Wed, 17 May 2017 08:54:06 -0700 (PDT)
X-AuditID: 12074424-7b3ff700000007b5-92-591c721d614f
Received: from mailhub-auth-4.mit.edu ( [18.7.62.39]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-7.mit.edu (Symantec Messaging Gateway) with SMTP id 90.02.01973.D127C195; Wed, 17 May 2017 11:54:05 -0400 (EDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id v4HFs4jL014579 for <curdle@ietf.org>; Wed, 17 May 2017 11:54:05 -0400
Received: from localhost (equal-rites.mit.edu [18.18.1.59]) (authenticated bits=0) (User authenticated as ghudson@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id v4HFs3Er009422 for <curdle@ietf.org>; Wed, 17 May 2017 11:54:04 -0400
From: Greg Hudson <ghudson@mit.edu>
To: curdle@ietf.org
Date: Wed, 17 May 2017 11:54:03 -0400
Message-ID: <x7dzieb1ntw.fsf@equal-rites.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprFIsWRmVeSWpSXmKPExsUixG6nritbJBNp8HStjMXWhbOYHRg9liz5 yRTAGMVlk5Kak1mWWqRvl8CVseXwT9aCbRwVZz58YG9gfMXWxcjJISFgIrHp9Xcgm4tDSGAx k8Tsz/ugnOOMEvNmPmCGcDqYJB52T2EGaWETUJZYv38rSxcjB4eIgLBEzwJJkLCwgIPEoZ1X WEBsFgFViUW3rrCC2LwChhIPercxQdiCEidnPgGrYRaQkDj44gXzBEbuWUhSs5CkFjAyrWKU Tcmt0s1NzMwpTk3WLU5OzMtLLdI118vNLNFLTSndxAgOAheVHYzdPd6HGAU4GJV4eCMCZCKF WBPLiitzDzFKcjApifLufyAdKcSXlJ9SmZFYnBFfVJqTWnyIUYKDWUmEd38OUDlvSmJlVWpR PkxKmoNFSZxXXKMxQkggPbEkNTs1tSC1CCYrw8GhJMFbWwjUKFiUmp5akZaZU4KQZuLgBBnO AzR8G0gNb3FBYm5xZjpE/hSjopQ4rwZIQgAkkVGaB9cLjlIhRutXjOJArwjzbiwAquIBRjhc 9yugwUxAg5tBPuItLklESEk1MDL8LOQXWj9fp/fI/avbuadO3fXMLV5FPDzf8vnzcx+0Np+J 2nDbIv2VJ8/lDemza1SiqtfsF7atZ5uxZa7LO9FfYjzXG3fdcd+y23zHDucH2+U+XVC7XX/2 2eKITCfhAo55Rz/YybicNaitbPXeXaqyK+i44ckdTyRM2BRsD83aLvtuY93t5euVWIozEg21 mIuKEwFhunufrQIAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/Jj95kCQlax9n-2U8nUlXZSBNbfY>
Subject: [Curdle] Review of draft-kaduk-kitten-des-des-des-die-die-die-01
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 May 2017 15:59:56 -0000
I have reviewed this draft and have no blocking objections. Some non-blocking, editorial notes: Interoperability concerns are listed last for RC4, but second out of three subsections for DES3. Section 5.2, "Modern encryption types such as [...] use" should have a comma before "such as" and before "use". Section 5.2, "It is also best practice when [...], to" should have a comma before "when". Also, "it is also best practice" doesn't seem right. Section 5.3, "Because [...], this means that these application servers also possess" should omit "this means that". I would also remove the parenthetical for that sentence. Section 5.4, "cross-realm situations" should perhaps be "cross-realm deployments". Section 6, in "ample justification for deprecating their use", "their" appears to refer back to "The flaws", which doesn't seem quite right. Section 6, "blocksize" should be "block size". Section 6.1, "[nfold] is known not to provide effective mixing of the input bits" is not backed up by a reference. (I don't know of a reference.)
- [Curdle] Review of draft-kaduk-kitten-des-des-des… Greg Hudson
- Re: [Curdle] Review of draft-kaduk-kitten-des-des… Benjamin Kaduk
- Re: [Curdle] Review of draft-kaduk-kitten-des-des… Greg Hudson
- Re: [Curdle] Review of draft-kaduk-kitten-des-des… Benjamin Kaduk
- Re: [Curdle] Review of draft-kaduk-kitten-des-des… Benjamin Kaduk
- Re: [Curdle] Review of draft-kaduk-kitten-des-des… Greg Hudson