Re: [kitten] Freshness Security Considerations for minimum/maximum size
"Henry B (Hank) Hotz, CISSP" <hbhotz@oxy.edu> Thu, 01 December 2016 21:10 UTC
Return-Path: <hbhotz@oxy.edu>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 576E9129458 for <kitten@ietfa.amsl.com>; Thu, 1 Dec 2016 13:10:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.935
X-Spam-Level:
X-Spam-Status: No, score=-1.935 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YVuqWYORXDGg for <kitten@ietfa.amsl.com>; Thu, 1 Dec 2016 13:10:07 -0800 (PST)
Received: from mailout.easymail.ca (mailout.easymail.ca [64.68.201.169]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 294FF1294FA for <kitten@ietf.org>; Thu, 1 Dec 2016 13:08:25 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mailout.easymail.ca (Postfix) with ESMTP id 77555E3DC; Thu, 1 Dec 2016 16:08:24 -0500 (EST)
Received: from mailout.easymail.ca ([127.0.0.1]) by localhost (easymail-mailout.easydns.vpn [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A+yOVb79lTGy; Thu, 1 Dec 2016 16:08:23 -0500 (EST)
Received: from [192.168.3.129] (24-205-82-163.dhcp.psdn.ca.charter.com [24.205.82.163]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mailout.easymail.ca (Postfix) with ESMTPSA id A0C60E3B8; Thu, 1 Dec 2016 16:08:22 -0500 (EST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
From: "Henry B (Hank) Hotz, CISSP" <hbhotz@oxy.edu>
In-Reply-To: <3cee1ab5-8f73-fce0-58a8-36a1697c9b77@mit.edu>
Date: Thu, 01 Dec 2016 13:08:21 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <0ABB5934-C7E7-4DBD-B21A-3986B4DB6440@oxy.edu>
References: <CY1PR03MB2315AC54FFAF0CC292EBDD71D08F0@CY1PR03MB2315.namprd03.prod.outlook.com> <3cee1ab5-8f73-fce0-58a8-36a1697c9b77@mit.edu>
To: Greg Hudson <ghudson@mit.edu>
X-Mailer: Apple Mail (2.2104)
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/BFyhIH9fSyenDLRfilSheNo3P_s>
Cc: "kitten@ietf.org" <kitten@ietf.org>, Michiko Short <michikos@microsoft.com>
Subject: Re: [kitten] Freshness Security Considerations for minimum/maximum size
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Dec 2016 21:10:08 -0000
Mildly disagree. The point is to avoid processing bogus messages. I’d suggest a security consideration noting this issue and recommending that anything too big to match any supported encryption type should be summarily thrown away. > On Dec 1, 2016, at 11:46 AM, Greg Hudson <ghudson@mit.edu> wrote: > >> Maximum length > > Saying anything about maximum lengths would be out of character for > Kerberos standards, I think. I don't think we should specify a maximum > length. Personal email. hbhotz@oxy.edu
- [kitten] Freshness Security Considerations for mi… Michiko Short
- Re: [kitten] Freshness Security Considerations fo… Greg Hudson
- Re: [kitten] Freshness Security Considerations fo… Henry B (Hank) Hotz, CISSP
- Re: [kitten] Freshness Security Considerations fo… Michiko Short