Last Call: IPSEC drafts -> Proposed Standards / Rogaway 1
Phil Rogaway <rogaway@cs.ust.hk> Fri, 30 June 1995 11:31 UTC
Received: from ietf.nri.reston.va.us by IETF.CNRI.Reston.VA.US id aa01461; 30 Jun 95 7:31 EDT
Received: from CNRI.Reston.VA.US by IETF.CNRI.Reston.VA.US id aa01457; 30 Jun 95 7:31 EDT
Received: from ietf.cnri.reston.va.us by CNRI.Reston.VA.US id aa03503; 30 Jun 95 7:31 EDT
Received: from ietf.nri.reston.va.us by IETF.CNRI.Reston.VA.US id aa01448; 30 Jun 95 7:31 EDT
Received: from CNRI.Reston.VA.US by IETF.CNRI.Reston.VA.US id aa01444; 30 Jun 95 7:31 EDT
Received: from cssu46.cs.ust.hk by CNRI.Reston.VA.US id aa03493; 30 Jun 95 7:30 EDT
Received: from cssu55.cs.ust.hk (rogaway@cssu55.cs.ust.hk [143.89.40.55]) by cssu46.cs.ust.hk (8.6.12/8.6.9) with ESMTP id TAA18954; Fri, 30 Jun 1995 19:26:46 +0800
Full-Name: Phil Rogaway
Received: (from rogaway@localhost) by cssu55.cs.ust.hk (8.6.10/8.6.9) id TAA14270; Fri, 30 Jun 1995 19:26:44 +0800
Date: Fri, 30 Jun 1995 19:26:44 +0800
X-Orig-Sender: iesg-request@IETF.CNRI.Reston.VA.US
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: Phil Rogaway <rogaway@cs.ust.hk>
Message-Id: <199506301126.TAA14270@cssu55.cs.ust.hk>
To: iesg@CNRI.Reston.VA.US
Subject: Last Call: IPSEC drafts -> Proposed Standards / Rogaway 1
Cc: ietf@CNRI.Reston.VA.US, rogaway@cs.ucdavis.edu
IESG: The Chair of the IPSEC Working Group has requested that documents: 1 Atkinson 1 - Security Architecture for the Internet Protocol (May 1995) 2 Atkinson 2 - IP Encapsulating Security Payload (ESP) (25 April 1995) 3 Atkinson 3 - IP Authentication Header (25 May 1995) 4 Metzger, Karn Simpson - The ESP DES-CBC Transform (April 1995) 5 Metzger, Simpson - IP Authentication using Keyed MD5 (April 1995) (the "IPSEC Drafts") be considered as Proposed Standards. This note is to urge the IESG that they DECLINE to take this action. The reason is that these Drafts have major technical flaws: pervasive problems pertaining to both cryptographic architecture and cryptographic mechanisms. These five documents will need to be substantially reworked before one has an acceptable standard for securing the Internet Protocol. My technical concerns have all been made earlier, in notes to Ran Atkinson and the IPSEC mailing list. Unfortunately, none of these items has been acted on (nor has there ever been any responsive explanation for this failure). As justification for the first paragraph of this note I transmit technical comments under separate cover. I comment that counter proposals (Internet Drafts) now exist to fix the main problems of [4] and [5]: draft-krawczyk-keyed-md5-00.txt is an acceptable counter-proposal to [5], while draft-rogaway-cbc-encrypt-00.txt is an acceptable counter-proposal to [4]. Sincerely, Phillip Rogaway
- Last Call: IPSEC drafts -> Proposed Standards / R… Phil Rogaway