RE: [ipcdn] FW: DISCUSS: draft-ietf-ipcdn-bpiplus-mib-14

Russ Housley <housley@vigilsec.com> Fri, 08 October 2004 12:46 UTC

Date: Fri, 08 Oct 2004 01:15:27 -0400
To: Jean-Francois Mule <jf.mule@cablelabs.com>
From: Russ Housley <housley@vigilsec.com>
Subject: RE: [ipcdn] FW: DISCUSS: draft-ietf-ipcdn-bpiplus-mib-14
Cc: ipcdn@ietf.org, bwijnen@lucent.com, Eduardo Cardona <e.cardona@cablelabs.com>, Greg White <g.white@cablelabs.com>, Oscar Marcia <o.marcia@cablelabs.com>, "Richard Woundy @ Comcast" <Richard_woundy@cable.comcast.com>, Eric Rosenfeld <e.rosenfeld@cablelabs.com>, "Steven M. Bellovin" <smb@research.att.com>

Jean-Francois:

> > I seriously doubt that t3DES128EdeMode is useful in this
> > context.  ECB had
>             ^^^
>you mean EDE here
> > some properties that are probably bad in this environment.
>
>Okay, we can remove it, no pb.

Okay.

>Just fyi, 3DES EDE was also proposed because it is already used in the
>BPI+ spec for the traffic encryption key (TEK). See page 21 of BPI+ at
>http://www.cablemodem.com/downloads/specs/BPI+_I11-040407.pdf :
>"The traffic encryption key (TEK) in the Key Reply is triple DES
>(encrypt-decrypt-encrypt or EDE mode) encrypted, using a two-key, triple
>DES key encryption key (KEK) derived from the Authorization Key."

This is still a poor choice.  See RFC 3217 and RFC 3394 for better solutions.

Russ
