response to Last Call on: IP Authentication using Keyed MD5
Phil Rogaway <rogaway@cs.ust.hk> Thu, 29 June 1995 09:09 UTC
Received: from ietf.nri.reston.va.us by IETF.CNRI.Reston.VA.US id aa00730; 29 Jun 95 5:09 EDT
Received: from CNRI.Reston.VA.US by IETF.CNRI.Reston.VA.US id aa00726; 29 Jun 95 5:09 EDT
Received: from interlock.ans.net by CNRI.Reston.VA.US id aa01749; 29 Jun 95 5:09 EDT
Received: by interlock.ans.net id AA39312 (InterLock SMTP Gateway 3.0 for ipsec-out@ans.net); Thu, 29 Jun 1995 04:56:37 -0400
Message-Id: <199506290856.AA39312@interlock.ans.net>
Received: by interlock.ans.net (Protected-side Proxy Mail Agent-3); Thu, 29 Jun 1995 04:56:37 -0400
Received: by interlock.ans.net (Protected-side Proxy Mail Agent-2); Thu, 29 Jun 1995 04:56:37 -0400
Received: by interlock.ans.net (Protected-side Proxy Mail Agent-1); Thu, 29 Jun 1995 04:56:37 -0400
Date: Thu, 29 Jun 1995 16:54:48 +0800
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: Phil Rogaway <rogaway@cs.ust.hk>
To: ipsec@ans.net
Subject: response to Last Call on: IP Authentication using Keyed MD5
Now that it may finally be on the table to do something about draft-ietf-ipsec-ah-md5-03.txt I would like to remind this community that not only should the MAC be defined independent of its intended use, so too should the encryption transform. I did this two months ago (Internet Draft draft-rogaway-cbc-encrypt-00.txt -- the suggested replacement to what is now draft-ietf-ipsec-esp-des-cbc-04.txt). I received 0 (zero) comments on this work, and the revised IPSEC document (draft-ietf-ipsec-esp-des-cbc-04.txt) was non-responsive. This despite the fact that not only is the transform in draft-ietf-ipsec-esp-des-cbc-04.txt intertwined with its use, but its description has at least two major technical errors. These were already pointed out in earlier notes: incorrectly asserting that the mechanism provides integrity, and incorrectly stating that a counter provides as an acceptable IV. Phil Rogaway
- response to Last Call on: IP Authentication using… Phil Rogaway
- Re: response to Last Call on: IP Authentication u… Perry E. Metzger
- Re: response to Last Call on: IP Authentication u… Phil Rogaway
- Re: response to Last Call on: IP Authentication u… Perry E. Metzger