Slicing and dicing

Rodney Thayer <rodney@sabletech.com> Tue, 09 September 1997 16:11 UTC

Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id MAA28153 for ipsec-outgoing; Tue, 9 Sep 1997 12:11:46 -0400 (EDT)
Message-Id: <3.0.3.32.19970909115849.0070d248@pop3.pn.com>
X-PGP-Key: <http://www1.shore.net/~sable/info/rltkey.htm>
X-Sender: rodney@pop3.pn.com
X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32)
Date: Tue, 09 Sep 1997 11:58:49 -0400
To: ipsec@tis.com
From: Rodney Thayer <rodney@sabletech.com>
Subject: Slicing and dicing
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ipsec@ex.tis.com
Precedence: bulk

I believe that during the most recent round of draft writing we discovered
that several people were discussing and/or documenting DES Weak keys.  I
suspect we failed to resolve that.  I think the simples resolution I heard
was to suggest that in the future all documents point at Schneier's book
for the weak and semi-weak key list.

>Date: Mon, 8 Sep 1997 15:04:45 -0700
>From: Karl Fox <karl@Ascend.COM>
>To: ipsec@tis.com
>Subject: Slicing and dicing
>Reply-To: Karl Fox <karl@Ascend.COM>
>Organization: Ascend Communications
>Sender: owner-anx-sec@dot.netrex.net
>Reply-To: anx-sec@dot.netrex.net
>
>While I'm on the subject of key material derivation,
>draft-ietf-ipsec-ciph-des-expiv-00.txt talks about comparisons with
>possibly-weak keys, while isakmp-oakley-04 only mentions weak and
>semi-weak keys.  They should be consistent.  Even better, they should
>both point to a single place where an appropriate technique is
>described.
>
>Also, draft-ietf-ipsec-ciph-des-expiv-00.txt says that
>
>   [some document] describes the general mechanism to derive keying
>   material for the ESP transform. The derivation of the key from some
>   amount of keying material does not differ between the manually- and
>   automatically-keyed security associations.
>
>Does anybody know when this document will be available?  What else
>should we use to find out what to use for the ANX testing, the
>reference implementation?
>
>Is that what everybody else does?
>-- 
>Karl Fox, servant of God, employee of Ascend Communications
>655 Metro Place South, Suite 370, Dublin, Ohio  43017   +1 614 760 4041
>
>
>