[Ietf-krb-wg] review of draft-ietf-krb-wg-camellia-cts-00.txt

Jeffrey Hutzelman <jhutz@cmu.edu> Thu, 08 March 2012 21:58 UTC

Below is my review of the Camellia document.  These are all editorial
and process issues, and I would like to see all of them resolved before
we move on.  Points 1, 2, 5, 6, and 7 are blockers; they must be
resolved before the document can progress.

I would like to hear from any implementors who plan to implement
this enctype or who have already done so, as well as from anyone
who has verified the test vectors in section 11.

-- Jeff


1. The document header does not include an intended status.  Since we
   have not yet seen consensus to request publication on the standards
   track, please add "Intended Status: Informational" to the document
   header.

   The abstract should include an explicit mention of RFC3961 (but
   without a citation, since the abstract must stand alone).  For
   example:

   OLD
     This document specifies two encryption types and two corresponding
     checksum types for the Kerberos cryptosystem suite.  The new types
     use the Camellia block cipher in CBC-mode with ciphertext stealing
     and the CMAC algorithm for integrity protection.

   NEW
     This document specifies two encryption types and two corresponding
     checksum types for the Kerberos cryptosystem framework defined
     in RFC3961.  The new types use the Camellia block cipher in CBC
     mode with ciphertext stealing and the CMAC algorithm for integrity
     protection.


2. The IETF Trust copyright and license notice in this document is out
   of date, and must be updated to reflect the current version of the
   Trust Legal Provisions, which went into effect Dec 28, 2009.  See
   http://trustee.ietf.org/license-info/ and particularly section 6.b
   of the current (4.0) TLP.


3. The last paragraph of the introduction incorporates requirements
   keywords from RFC2119 by reference, but then does not use them.
   This paragraph should be removed.


4. In section 6, the description of the decryption operation does not
   spell out how to separate the MAC and ciphertext parts of the incoming
   "ciphertext".  It also does not specify how to remove the confounder
   from P to obtain the actual plaintext.  These operations should be
   obvious, but it's better to be specific.


5. The IANA considerations section should fully identify the namespace
   into which each value is registered, preferably not only by name
   but also including a URL to the registry and a mention of RFC3961
   where the registries are defined.  Also, this section should list
   each value to be assigned and give each a unique reference (TBD1,
   TBD2, etc); those references should be used instead of plain "TBD"
   in the rest of the document, in order to aid the RFC-Editor in
   making the correct substitutions.  For more details, please see
   RFC5226 section 5.1.


6. References must be split into separate sections for normative and
   informative references.  So far as I can tell, the references to
   RFCs 3713, 3961, and 3962 and to NIST special pubs 800-38B and
   800-108 are all normative, while the references to Schneier's book
   and to the IPA and Mala, et al. papers and the NESSIE project are
   all informative.  This document contains no RFC2119 requirements
   language, so the reference to RFC2119 is not needed.


7. There is no section acknowledging authors and other contributors to
   this document.

