Re: [Emu] EAP-GPSK: Ciphersuites
Hannes Tschofenig <Hannes.Tschofenig@gmx.net> Tue, 22 August 2006 09:26 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GFSWu-0000Y9-HS; Tue, 22 Aug 2006 05:26:40 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GFSWt-0000Y3-Bq for emu@ietf.org; Tue, 22 Aug 2006 05:26:39 -0400
Received: from mail.gmx.net ([213.165.64.20]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1GFSWr-0005jG-Ul for emu@ietf.org; Tue, 22 Aug 2006 05:26:39 -0400
Received: (qmail invoked by alias); 22 Aug 2006 09:19:57 -0000
Received: from socks1.netz.sbs.de (EHLO [192.35.17.26]) [192.35.17.26] by mail.gmx.net (mp031) with SMTP; 22 Aug 2006 11:19:57 +0200
X-Authenticated: #29516787
Message-ID: <44EACC41.1000506@gmx.net>
Date: Tue, 22 Aug 2006 11:20:01 +0200
From: Hannes Tschofenig <Hannes.Tschofenig@gmx.net>
User-Agent: Thunderbird 1.5.0.5 (Windows/20060719)
MIME-Version: 1.0
To: "M. Vanderveen" <mvandervn@yahoo.com>
Subject: Re: [Emu] EAP-GPSK: Ciphersuites
References: <20060821160616.29426.qmail@web54408.mail.yahoo.com>
In-Reply-To: <20060821160616.29426.qmail@web54408.mail.yahoo.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Y-GMX-Trusted: 0
X-Spam-Score: 0.0 (/)
X-Scan-Signature: bdc523f9a54890b8a30dd6fd53d5d024
Cc: emu@ietf.org
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/emu>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
Errors-To: emu-bounces@ietf.org
Hi let us for a moment assume that RFC 4307 makes some reasonable algorithm choices (we are talking about IKEv2 here). If we take the text and apply it to EAP-GPSK then we would produce something like: Conservative Choice: ----------------------- (Integrity) AUTH_HMAC_SHA1_96 2 [RFC2404] MUST (Encryption) ENCR_3DES 3 [RFC2451] MUST- (Key Derivation) PRF_HMAC_SHA1 2 [RFC2104] MUST (Note that there is no MUST for encryption algorithms specified in RFC 4307.) Choice for the Future: ----------------------- (Encryption) ENCR_AES_CBC 12 [AES-CBC] SHOULD+ (Integrity) AUTH_AES_XCBC_96 5 [AES-MAC] SHOULD+ (Key Derivation) PRF_AES128_CBC 4 [AESPRF] SHOULD+ Does this sound like a terrible bad idea? Ciao Hannes M. Vanderveen schrieb: > Both are pretty popular. Why not list them both? As for which one to be > mandatory to implement, someone should to a search through other systems > (e.g. IEEE, IPSec) and see which one is most popular. > > */Hannes Tschofenig <Hannes.Tschofenig@gmx.net>/* wrote: > > Hi all, > > the current version of the document > http://tools.ietf.org/wg/emu/draft-clancy-emu-eap-shared-secret-01.txt > still supports AES-EAX: > > +-----------+----+-------------+---------------+--------------------+ > | CSuite/ | KS | Encryption | Integrity | Key Derivation | > | Specifier | | | | Function | > +-----------+----+-------------+---------------+--------------------+ > | 0x000001 | 16 | AES-EAX-128 | AES-CMAC-128 | GKDF-128 | > +-----------+----+-------------+---------------+--------------------+ > > At the IETF#66 EMU meeting AES CCM was suggested. > > Later, it got the impression that AES-CBC was more appreciated. Should > we update the draft with AES-CBC? > > Ciao > Hannes > > > _______________________________________________ > Emu mailing list > Emu@ietf.org > https://www1.ietf.org/mailman/listinfo/emu > > > ------------------------------------------------------------------------ > Do you Yahoo!? > Get on board. You're invited > <http://us.rd.yahoo.com/evt=40791/*http://advision.webevents.yahoo.com/handraisers> > to try the new Yahoo! Mail Beta. _______________________________________________ Emu mailing list Emu@ietf.org https://www1.ietf.org/mailman/listinfo/emu
- [Emu] EAP-GPSK: Ciphersuites Hannes Tschofenig
- Re: [Emu] EAP-GPSK: Ciphersuites Lakshminath Dondeti
- Re: [Emu] EAP-GPSK: Ciphersuites M. Vanderveen
- Re: [Emu] EAP-GPSK: Ciphersuites Hannes Tschofenig
- Re: [Emu] EAP-GPSK: Ciphersuites Hannes Tschofenig
- Re: [Emu] EAP-GPSK: Ciphersuites Lakshminath Dondeti
- Re: [Emu] EAP-GPSK: Ciphersuites Charles Clancy
- AW: [Emu] EAP-GPSK: Ciphersuites Tschofenig, Hannes
- Re: [Emu] EAP-GPSK: Ciphersuites Bernard Aboba
- RE: [Emu] EAP-GPSK: Ciphersuites Ray Bell
- Re: [Emu] EAP-GPSK: Ciphersuites Hannes Tschofenig
- [Emu] RFC 2716bis update Bernard Aboba
- RE: [Emu] EAP-GPSK: Ciphersuites Joseph Salowey (jsalowey)
- Re: [Emu] EAP-GPSK: Ciphersuites David McGrew
- RE: [Emu] EAP-GPSK: Ciphersuites Joseph Salowey (jsalowey)
- Re: [Emu] EAP-GPSK: Ciphersuites Hannes Tschofenig
- Re: [Emu] EAP-GPSK: Ciphersuites Hannes Tschofenig
- RE: [Emu] EAP-GPSK: Ciphersuites Joseph Salowey (jsalowey)
- RE: [Emu] EAP-GPSK: Ciphersuites Joseph Salowey (jsalowey)
- Re: [Emu] EAP-GPSK: Ciphersuites Hannes Tschofenig
- Re: [Emu] EAP-GPSK: Ciphersuites David McGrew
- Re: [Emu] EAP-GPSK: Ciphersuites David McGrew
- Re: [Emu] EAP-GPSK: Ciphersuites Hannes Tschofenig
- RE: [Emu] EAP-GPSK: Ciphersuites Joseph Salowey (jsalowey)
- Re: [Emu] EAP-GPSK: Ciphersuites Charles Clancy
- RE: [Emu] EAP-GPSK: Ciphersuites Lakshminath Dondeti
- RE: [Emu] EAP-GPSK: Ciphersuites Joseph Salowey (jsalowey)
- Re: [Emu] EAP-GPSK: Ciphersuites David McGrew