Slicing and dicing

Karl Fox <karl@Ascend.COM> Tue, 09 September 1997 18:02 UTC

Received: (from majordom@localhost) by (8.8.2/8.8.2) id OAA28830 for ipsec-outgoing; Tue, 9 Sep 1997 14:02:49 -0400 (EDT)
Date: Tue, 09 Sep 1997 11:11:29 -0700
Message-Id: <>
From: Karl Fox <karl@Ascend.COM>
To: Rodney Thayer <>
Subject: Slicing and dicing
In-Reply-To: <>
References: <>
Reply-To: Karl Fox <karl@Ascend.COM>
Organization: Ascend Communications
Precedence: bulk

Rodney Thayer writes:
> I believe that during the most recent round of draft writing we discovered
> that several people were discussing and/or documenting DES Weak keys.  I
> suspect we failed to resolve that.  I think the simples resolution I heard
> was to suggest that in the future all documents point at Schneier's book
> for the weak and semi-weak key list.

I'd prefer that the list be included in the document (preferably in a
*single* document), partly because the table of possibly-weak keys in
my copy of Schneier's book (2nd edition, 1st printing) contains an
error.  The tables in draft-ietf-ipsec-ciph-des-derived-00.txt and
draft-ietf-ipsec-ciph-des-expiv-00.txt are right.  I don't know if
Schneier's book has been corrected in later printings (if there are
any).  I've reported the error to him twice with only an automated
errata list (not containing the table error) as reply, but it may be
fixed now--others I've spoken to have found it, too.

> >Date: Mon, 8 Sep 1997 15:04:45 -0700
> >From: Karl Fox <karl@Ascend.COM>
> >To:
> >Subject: Slicing and dicing
> >Reply-To: Karl Fox <karl@Ascend.COM>
> >Organization: Ascend Communications
> >Sender:
> >Reply-To:
> >
> >While I'm on the subject of key material derivation,
> >draft-ietf-ipsec-ciph-des-expiv-00.txt talks about comparisons with
> >possibly-weak keys, while isakmp-oakley-04 only mentions weak and
> >semi-weak keys.  They should be consistent.  Even better, they should
> >both point to a single place where an appropriate technique is
> >described.
> >
> >Also, draft-ietf-ipsec-ciph-des-expiv-00.txt says that
> >
> >   [some document] describes the general mechanism to derive keying
> >   material for the ESP transform. The derivation of the key from some
> >   amount of keying material does not differ between the manually- and
> >   automatically-keyed security associations.
> >
> >Does anybody know when this document will be available?  What else
> >should we use to find out what to use for the ANX testing, the
> >reference implementation?
> >
> >Is that what everybody else does?
> >-- 
> >Karl Fox, servant of God, employee of Ascend Communications
> >655 Metro Place South, Suite 370, Dublin, Ohio  43017   +1 614 760 4041
> >
> >
> >
Karl Fox, servant of God, employee of Ascend Communications
655 Metro Place South, Suite 370, Dublin, Ohio  43017   +1 614 760 4041