IETF Logo Mail Archive

Re: [kitten] WGLC on draft-ietf-kitten-aes-cts-hmac-sha2-08

Nico Williams <nico@cryptonector.com> Tue, 19 January 2016 18:44 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E67C1B3444 for <kitten@ietfa.amsl.com>; Tue, 19 Jan 2016 10:44:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.366
X-Spam-Level:
X-Spam-Status: No, score=-2.366 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6i3ylVPnb0eR for <kitten@ietfa.amsl.com>; Tue, 19 Jan 2016 10:44:20 -0800 (PST)
Received: from homiemail-a103.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) by ietfa.amsl.com (Postfix) with ESMTP id BC5CD1B3443 for <kitten@ietf.org>; Tue, 19 Jan 2016 10:44:20 -0800 (PST)
Received: from homiemail-a103.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a103.g.dreamhost.com (Postfix) with ESMTP id 597F82005E634; Tue, 19 Jan 2016 10:44:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=cryptonector.com; bh=4orpJWVwGBqDm1 pWEa+BPqruF64=; b=LQahJzUWJJ4zqfi10jVUjXN+BHHJmaxr8E5zx1xY0wRVuP 1OiUo3dUg8o+9MuAcoIoHEUFyQmldmF9lqBpmLBAV0bAF0VMy8S7KYgPPo9sL8Qi YgfL3ZaFI8luqiPuWqu72SDub6CYNOZxA786iplXvntaOYiZTSbS1Tb5LIUDc=
Received: from localhost (108-207-244-100.lightspeed.austtx.sbcglobal.net [108.207.244.100]) (Authenticated sender: nico@cryptonector.com) by homiemail-a103.g.dreamhost.com (Postfix) with ESMTPA id DA4822005E63C; Tue, 19 Jan 2016 10:44:07 -0800 (PST)
Date: Tue, 19 Jan 2016 12:44:01 -0600
From: Nico Williams <nico@cryptonector.com>
To: Greg Hudson <ghudson@mit.edu>
Message-ID: <20160119184400.GB26294@localhost>
References: <alpine.GSO.1.10.1601060014510.26829@multics.mit.edu> <56992BA6.7040309@mit.edu> <20160119012415.GY6027@localhost>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20160119012415.GY6027@localhost>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <http://mailarchive.ietf.org/arch/msg/kitten/SE80VFYeEqYhKhoL09jHVNS0TU8>
Cc: kitten@ietf.org
Subject: Re: [kitten] WGLC on draft-ietf-kitten-aes-cts-hmac-sha2-08
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Jan 2016 18:44:22 -0000

On Mon, Jan 18, 2016 at 07:24:16PM -0600, Nico Williams wrote:
> On Fri, Jan 15, 2016 at 12:25:58PM -0500, Greg Hudson wrote:
> > I did another read-through of the draft.  I found some minor issues,
> > which I hope can be resolved without requiring another WGLC.
> 
> I did as well.  I don't have anything substantial to add to your
> comments:

One more comment:

 - Perhaps we should REQUIRE that GSS Kerberos mechanism implementations
   implement and use the RFC6542 channel binding hash agility extension
   when using the new enctypes.

   This means we can stop using MD5 in the GSS mechanism when using the
   new enctypes.

This is probably way too late now, and arguably that should be stated in
a separate RFC, but it'd be a trivial one to publish and get to publish
at the same time as the new enctypes.

Nico
--

v2.23.0 | Report a Bug | By Email