Re: [Gen-art] Gen-ART review of draft-kanno-tls-camellia-00
"Miguel A. Garcia" <Miguel.A.Garcia@ericsson.com> Mon, 04 April 2011 12:14 UTC
Return-Path: <miguel.a.garcia@ericsson.com>
X-Original-To: gen-art@core3.amsl.com
Delivered-To: gen-art@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F3F493A67A1 for <gen-art@core3.amsl.com>; Mon, 4 Apr 2011 05:14:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.974
X-Spam-Level:
X-Spam-Status: No, score=-5.974 tagged_above=-999 required=5 tests=[AWL=-0.615, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, SARE_LWSHORTT=1.24]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s-vxuzp2Ico9 for <gen-art@core3.amsl.com>; Mon, 4 Apr 2011 05:14:06 -0700 (PDT)
Received: from mailgw9.se.ericsson.net (mailgw9.se.ericsson.net [193.180.251.57]) by core3.amsl.com (Postfix) with ESMTP id 73CCC28C107 for <gen-art@ietf.org>; Mon, 4 Apr 2011 05:14:05 -0700 (PDT)
X-AuditID: c1b4fb39-b7c6dae0000023f2-2c-4d99b67237a0
Received: from esessmw0237.eemea.ericsson.se (Unknown_Domain [153.88.253.125]) by mailgw9.se.ericsson.net (Symantec Mail Security) with SMTP id 54.A5.09202.276B99D4; Mon, 4 Apr 2011 14:15:47 +0200 (CEST)
Received: from [159.107.51.21] (153.88.115.8) by esessmw0237.eemea.ericsson.se (153.88.115.91) with Microsoft SMTP Server id 8.3.137.0; Mon, 4 Apr 2011 14:15:46 +0200
Message-ID: <4D99B670.7050602@ericsson.com>
Date: Mon, 04 Apr 2011 14:15:44 +0200
From: "Miguel A. Garcia" <Miguel.A.Garcia@ericsson.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.15) Gecko/20110303 Thunderbird/3.1.9
MIME-Version: 1.0
To: Satoru Kanno <kanno.satoru@po.ntts.co.jp>
References: <4D773FB8.9040308@ericsson.com> <4D99A80F.4000103@po.ntts.co.jp>
In-Reply-To: <4D99A80F.4000103@po.ntts.co.jp>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Brightmail-Tracker: AAAAAA==
Cc: General Area Review Team <gen-art@ietf.org>, "kanda.masayuki@lab.ntt.co.jp" <kanda.masayuki@lab.ntt.co.jp>
Subject: Re: [Gen-art] Gen-ART review of draft-kanno-tls-camellia-00
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Apr 2011 12:14:13 -0000
Hi Satoru, This looks good to me. /Miguel On 04/04/2011 13:14, Satoru Kanno wrote: > Dear Miguel, > > Thank you for your review. > I have resolved for your comments in our draft. > And, I have found and edited nits by additional self review. > > + Elliptic curve encryption is not right. > Correctly, it's elliptic curve cryptosystem (ECC) > > (2011/03/09 17:52), Miguel A. Garcia wrote: >> I have been selected as the General Area Review Team (Gen-ART) >> reviewer for this draft. For background on Gen-ART, please see the FAQ >> at<http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq> >> >> Please resolve these comments along with any other comments you may >> receive. >> >> Document: draft-kanno-tls-camellia-00.txt >> Reviewer: Miguel Garcia<miguel.a.garcia@ericsson.com> >> Review Date: 2011-03-09 >> IETF LC End Date: 2011-03-23 >> IESG Telechat: 2011-04-14 >> >> Summary: The document is ready for publication as an informational RFC. >> >> Major issues: none >> >> Minor issues: none >> >> Nits: >> >> - It would be nice if the draft includes formal references to external >> document where appropriate. Let me provide a few examples where I >> believe those formal references are missing: >> >> + Section 1, Introduction, missing reference to the SHA-2 family. >> Probably the reference should be done towards NIST FIPS 180-3: >> >> The proposed >> cipher suites include variants using SHA-2 family of cryptographic >> hash functions and Galois counter mode (GCM) [11]. >> > > Adding reference for SHA-2 family. I resolved as a follow: > -- > The proposed cipher suites include variants using SHA-2 family of > cryptographic hash functions [14] and Galois counter mode (GCM) [15]. > -- > >> + Section 3.2, add reference to AES (FIPS 197) at the beginning of: >> >> AES authenticated encryption with additional data algorithms, >> AEAD_AES_128_GCM and AEAD_AES_256_GCM are described in RFC5116 [5]. >> > > Adding reference for AES and here is first occurrence for AES to expand > term. I used short term at second occurrence prior. > I resolved as a follow: > -- > Advanced Encryption Standard (AES) [20] authenticated encryption with > additional data algorithms, AEAD_AES_128_GCM and AEAD_AES_256_GCM are > described in RFC5116 [8]. > -- > >> + Section 3.3, add a reference TLS 1.2 (RFC 5246). >> >> The hash algorithms and PRF algorithms for TLS 1.2 SHALL be as >> follows: >> > > Adding reference for TLS 1.2 and here is first occurrence for PSK to > expand term as pseudo random function. I used short term at second > occurrence prior. I resolved as a follow: > -- > The hash algorithms and pseudorandom function (PRF) algorithms for > TLS 1.2 [9] SHALL be as follows: > -- > > >> + Section 3.3, add a reference to HMAC-SHA-256/384, most likely RFC >> 2104. Also to SHA-356/384 (NIST FIPS 180-3=: >> >> a) The cipher suites ending with _SHA256 use HMAC-SHA-256 as the MAC >> algorithm, The PRF is the TLS PRF [6] with SHA-256 as the hash >> function, >> b) The cipher suites ending with _SHA384 use HMAC-SHA-384 as the MAC >> algorithm, The PRF is the TLS PRF [6] with SHA-384 as the hash >> function. >> > > Adding references for HAMC-SHA-256/384 and SHA-256/384. > I resolved as a follow: > -- > a) The cipher suites ending with _SHA256 use HMAC-SHA-256 [1] as the > MAC algorithm, The PRF is the TLS PRF [9] with SHA-256 [14] as the > hash function, > b) The cipher suites ending with _SHA384 use HMAC-SHA-384 [1] as the > MAC algorithm, The PRF is the TLS PRF [9] with SHA-384 [14] as the > hash function. > -- > > >> + Section 3.3, add a reference to TLS versions prior to 1.2, for example >> RFC 2246, and RFC 4346: >> >> When used with TLS versions prior to 1.2, the PRF is calculated as >> specified in the appropriate version of the TLS specification. >> > > Adding reference for TLS 1.2 and here is first occurrence for PSK then I > write expand term as pseudo random function. I used short term at second > occurrence prior. > I resolved as a follow: > -- > When used with TLS versions prior to 1.2 ( TLS 1.0 [2] and TLS 1.1 > [6]), the PRF is calculated as specified in the appropriate version > of the TLS specification. > -- > > >> >> >> - Expand terms at first occurrence. This includes: AES, PRF >> > > I resolved as following: > -Advanced Encryption Standard (AES) > -pseudorandom function (PRF) > >> >> - Introduction, the last sentence is already repeated and does not add >> any value. It can be safely deleted: >> >> The Camellia algorithm and its properties are described in [2]. >> > > I deleted the sentence. > > Regards, > Satoru > >> >> >> >> >> Miguel G. > > -- Miguel A. Garcia +34-91-339-3608 Ericsson Spain
- [Gen-art] Gen-ART review of draft-kanno-tls-camel… Miguel A. Garcia
- Re: [Gen-art] Gen-ART review of draft-kanno-tls-c… Miguel A. Garcia
- Re: [Gen-art] Gen-ART review of draft-kanno-tls-c… Satoru Kanno