RE: replay field size
Roy Pereira <rpereira@timestep.com> Mon, 10 February 1997 02:36 UTC
Received: from cnri by ietf.org id aa02775; 9 Feb 97 21:36 EST
Received: from portal.ex.tis.com by CNRI.Reston.VA.US id aa02288; 9 Feb 97 21:36 EST
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id VAA05177 for ipsec-outgoing; Sun, 9 Feb 1997 21:25:00 -0500 (EST)
Message-ID: <c=US%a=_%p=TimeStep_Corpora%l=TSNTSRV2-970210023005Z-1718@tsntsrv2.timestep.com>
From: Roy Pereira <rpereira@timestep.com>
To: "'ipsec@tis.com'" <ipsec@tis.com>, 'Ran Atkinson' <rja@inet.org>
Subject: RE: replay field size
Date: Sun, 09 Feb 1997 21:30:05 -0500
X-Mailer: Microsoft Exchange Server Internet Mail Connector Version 4.0.993.5
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-ipsec@ex.tis.com
Precedence: bulk
>> We should be able to just plug in a new cipher algorithm and a new >> digest algorithm without having to re-invent the wheel. Just plug in >> their identifiers and go... >There _is_ more to it than just identifiers. Different algorithms have >different modes and different resulting data sizes and IVs and so forth. >With AH HMAC SHA-1 there was the question raised of using the standard >160-bit SHA-1 output or truncating to use 128-bits of SHA-1 output. >If one truncates, then the method/process of truncation needs to >be openly and clearly specified. Just assigning identifiers will >tend NOT lead to interoperable implementations. Additional structure >to the base specifications will help, but is probably not a panacea. Ran, my point was that a very large portion of the existing transform drafts contain the exact same words and definitions. Yes, more than an identifier would be required for some algorithms, but again there exists quite a lot of the specification wording that overlap. Rules for such things as truncating a digest (or padding it) would be better defined in a common draft (ESP and/or AH). If there was a common method to obtain a variable length IV and variable length keys from keying material, then this information would not have to be in every transform draft. Why should all ESP transform drafts list the ESP structure, define replay protection, and define how to obtain keying? These common specification sections only need to be specified once.
- RE: replay field size Roy Shamir
- RE: replay field size Michael J. Oehler
- Re: replay field size Niels Ferguson
- replay field size Derrell Piper
- Re: replay field size Matt Thomas
- RE: replay field size Roy Pereira
- RE: replay field size Ran Atkinson
- RE: replay field size Roy Pereira
- Re: replay field size Tim Bass (IETF)
- RE: replay field size Rob Adams
- Re: replay field size Dan McDonald
- RE: replay field size Ran Atkinson
- Re: replay field size Robert Glenn
- RE: replay field size Roy Pereira
- RE: replay field size Dan McDonald
- Re: replay field size Germano Caronni
- Re: replay field size John Keating
- Re: replay field size Derrell Piper
- Re: replay field size Ran Atkinson
- Re: replay field size wei
- RE: replay field size Stephen Kent
- Re: replay field size Matt Thomas
- RE: replay field size Phil Karn
- Re: replay field size Theodore Y. Ts'o
- Re: replay field size Perry E. Metzger
- Re: replay field size Niels Ferguson
- Re: replay field size Bill Sommerfeld
- Re: replay field size Theodore Y. Ts'o
- Re: replay field size Uri Blumenthal
- RE: replay field size Bob Monsour
- RE: replay field size Stephen Kent
- RE: replay field size Stephen Kent
- Re: replay field size Stephen Kent
- Re: replay field size Stephen Kent
- Re: replay field size Ran Atkinson
- Re: replay field size Steven Bellovin
- Re: replay field size Ran Atkinson
- Re: replay field size Jim Thompson
- Re: replay field size Bart Preneel