Protocol Action: 'The Use of Galois Message Authentication Code (GMAC) in IPsec ESP and AH' to Proposed Standard

The IESG <iesg-secretary@ietf.org> Tue, 04 April 2006 18:30 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQqIH-0002pc-35; Tue, 04 Apr 2006 14:30:21 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FQqIE-0002nX-WE; Tue, 04 Apr 2006 14:30:19 -0400
Received: from stsc1260-eth-s1-s1p1-vip.va.neustar.com ([156.154.16.129] helo=pine.neustar.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FQqID-0002oJ-My; Tue, 04 Apr 2006 14:30:18 -0400
Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by pine.neustar.com (8.12.8/8.12.8) with ESMTP id k34IUHvP026993 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 4 Apr 2006 18:30:17 GMT
Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1FQqID-0003Sf-4w; Tue, 04 Apr 2006 14:30:17 -0400
X-test-idtracker: no
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Message-Id: <E1FQqID-0003Sf-4w@stiedprstage1.ietf.org>
Date: Tue, 04 Apr 2006 14:30:17 -0400
X-Spam-Score: -2.8 (--)
X-Scan-Signature: 7aafa0432175920a4b3e118e16c5cb64
Cc: Internet Architecture Board <iab@iab.org>, RFC Editor <rfc-editor@rfc-editor.org>
Subject: Protocol Action: 'The Use of Galois Message Authentication Code (GMAC) in IPsec ESP and AH' to Proposed Standard
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: ietf-announce.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
Errors-To: ietf-announce-bounces@ietf.org
Status: O

The IESG has approved the following document:

- 'The Use of Galois Message Authentication Code (GMAC) in IPsec ESP and AH '
   <draft-mcgrew-aes-gmac-esp-02.txt> as a Proposed Standard

This document has been reviewed in the IETF but is not the product of an
IETF Working Group. 

The IESG contact person is Russ Housley.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-mcgrew-aes-gmac-esp-02.txt

Technical Summary
 
  AES-GMAC-ESP provides an ESP data origin authentication mechanism that
  is amenable to high speed implementation.  Unlike all other ESP
  authentication mechanisms, it can be parallelized and can avoid
  pipeline stalls.  It is designed so that the incremental cost of
  implementing it, given an implementation is AES-GCM-ESP (RFC4106), is
  small.
 
Working Group Summary
 
  This draft is not the product of any working group; however, it has
  been reviewed by the Fibre Channel Security Protocols group in T11,
  which is considering its adoption.
 
Protocol Quality
 
  There is a software prototype implementation of the specification.

  The document was brought to the attention of the CFRG, which raised no
  concerns.

  The document was brought to the attention of the IPsec mail list,
  which raised no concerns.

  This document was reviewed by Russ Housley for the IESG.

Note to RFC Editor

  Please delete section 1.1 prior to publication.

  Please add the following paragraph at the end of Section 3.3
  (after figure 3):

    The use of 32-bit sequence numbers vs. 64-bit extended sequence
    numbers is determined by the security association (SA) management
    protocol that is used to create the SA.  For IKEv2 [RFC4306] this
    is negotiated via Transform Type 5, and the default for ESP is to
    use 64-bit extended sequence numbers in the absence of negotiation
    (e.g., see Section 2.2.1 of [RFC4303]).


_______________________________________________
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf-announce