[Ietf-krb-wg] review of draft-ietf-krb-wg-camellia-cts-00.txt
Jeffrey Hutzelman <jhutz@cmu.edu> Thu, 08 March 2012 21:58 UTC
Below is my review of the Camellia document. These are all editorial and process issues, and I would like to see all of them resolved before we move on. Points 1, 2, 5, 6, and 7 are blockers; they must be resolved before the document can progress.

I would like to hear from any implementors who plan to implement this enctype or who have already done so, as well as from anyone who has verified the test vectors in section 11.

-- Jeff

1. The document header does not include an intended status. Since we have not yet seen consensus to request publication on the standards track, please add "Intended Status: Informational" to the document header.

   The abstract should include an explicit mention of RFC3961 (but without a citation, since the abstract must stand alone). For example:

   OLD
      This document specifies two encryption types and two corresponding checksum types for the Kerberos cryptosystem suite. The new types use the Camellia block cipher in CBC-mode with ciphertext stealing and the CMAC algorithm for integrity protection.

   NEW
      This document specifies two encryption types and two corresponding checksum types for the Kerberos cryptosystem framework defined in RFC3961. The new types use the Camellia block cipher in CBC mode with ciphertext stealing and the CMAC algorithm for integrity protection.

2. The IETF Trust copyright and license notice in this document is out of date, and must be updated to reflect the current version of the Trust Legal Provisions, which went into effect Dec 28, 2009. See http://trustee.ietf.org/license-info/ and particularly section 6.b of the current (4.0) TLP.

3. The last paragraph of the introduction incorporates requirements keywords from RFC2119 by reference, but then does not use them. This paragraph should be removed.

4. In section 6, the description of the decryption operation does not spell out how to separate the MAC and ciphertext parts of the incoming "ciphertext". It also does not specify how to remove the confounder from P to obtain the actual plaintext. These operations should be obvious, but it's better to be specific.

5. The IANA considerations section should fully identify the namespace into which each value is registered, preferably not only by name but also including a URL to the registry and a mention of RFC3961 where the registries are defined. Also, this section should list each value to be assigned and give each a unique reference (TBD1, TBD2, etc); those references should be used instead of plain "TBD" in the rest of the document, in order to aid the RFC-Editor in making the correct substitutions. For more details, please see RFC5226 section 5.1.

6. References must be split into separate sections for normative and informative references. So far as I can tell, the references to RFCs 3713, 3961, and 3962 and to NIST special pubs 800-38B and 800-108 are all normative, while the references to Schneier's book and to the IPA and Mala, et al. papers and the NESSIE project are all informative. This document contains no RFC2119 requirements language, so the reference to RFC2119 is not needed.

7. There is no section acknowledging authors and other contributors to this document.