IETF Logo Mail Archive

Re: [Ietf-krb-wg] review of draft-ietf-krb-wg-camellia-cts-00.txt

Greg Hudson <ghudson@MIT.EDU> Fri, 09 March 2012 05:14 UTC

Return-Path: <ietf-krb-wg-bounces@lists.anl.gov>
X-Original-To: ietfarch-krb-wg-archive@ietfa.amsl.com
Delivered-To: ietfarch-krb-wg-archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F01A521E800F for <ietfarch-krb-wg-archive@ietfa.amsl.com>; Thu, 8 Mar 2012 21:14:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dLJ7zkCY8JuT for <ietfarch-krb-wg-archive@ietfa.amsl.com>; Thu, 8 Mar 2012 21:14:13 -0800 (PST)
Received: from mailhost.anl.gov (mailhost.anl.gov [130.202.113.50]) by ietfa.amsl.com (Postfix) with ESMTP id 242A321E800E for <krb-wg-archive@lists.ietf.org>; Thu, 8 Mar 2012 21:14:13 -0800 (PST)
Received: from mailhost.anl.gov (mailhost.anl.gov [130.202.113.50]) by localhost.anl.gov (Postfix) with ESMTP id 8571A63; Thu, 8 Mar 2012 23:14:12 -0600 (CST)
Received: from lists.anl.gov (katydid.it.anl.gov [146.137.96.32]) by mailhost.anl.gov (Postfix) with ESMTP id 12FF835; Thu, 8 Mar 2012 23:14:10 -0600 (CST)
Received: from katydid.it.anl.gov (localhost [127.0.0.1]) by lists.anl.gov (Postfix) with ESMTP id B15CD3442D7; Thu, 8 Mar 2012 23:14:10 -0600 (CST)
X-Original-To: ietf-krb-wg@lists.anl.gov
Delivered-To: ietf-krb-wg@lists.anl.gov
Received: from mailhost.anl.gov (mailhost.anl.gov [130.202.113.50]) by lists.anl.gov (Postfix) with ESMTP id 74E4D3442D6 for <ietf-krb-wg@lists.anl.gov>; Thu, 8 Mar 2012 23:14:09 -0600 (CST)
Received: by mailhost.anl.gov (Postfix) id 6680112; Thu, 8 Mar 2012 23:14:09 -0600 (CST)
Delivered-To: ietf-krb-wg@anl.gov
Received: from mailhost.anl.gov (mailhost.anl.gov [130.202.113.50]) by localhost.anl.gov (Postfix) with ESMTP id 6182828 for <ietf-krb-wg@anl.gov>; Thu, 8 Mar 2012 23:14:09 -0600 (CST)
Received: from mailrelay.anl.gov (mailrelay.anl.gov [130.202.101.22]) by mailhost.anl.gov (Postfix) with ESMTP id 42A4D12 for <ietf-krb-wg@anl.gov>; Thu, 8 Mar 2012 23:14:09 -0600 (CST)
Received: from localhost (localhost [127.0.0.1]) by localhost.it.anl.gov (Postfix) with ESMTP id 2CCFA7CC0EC; Thu, 8 Mar 2012 23:14:09 -0600 (CST)
Received: from mailrelay.anl.gov ([127.0.0.1]) by localhost (mailrelay.anl.gov [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 09564-05; Thu, 8 Mar 2012 23:14:09 -0600 (CST)
Received: from mailgateway.anl.gov (mailgateway.anl.gov [130.202.101.28]) by mailrelay.anl.gov (Postfix) with ESMTP id 065637CC0D4 for <ietf-krb-wg@anl.gov>; Thu, 8 Mar 2012 23:14:08 -0600 (CST)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AkoFAIOQWU8SCRkNm2dsb2JhbABDDoJ7rw2DEiIBAQEBAQgJCwkUJ4IKAQECAgF4AQULCw4KCRYPCQMCAQIBRQYNAQcBAYgBBQOwdYkHkFYEiFOSW4xgVQ
X-IronPort-AV: E=Sophos;i="4.73,556,1325484000"; d="scan'208";a="76350065"
Received: from dmz-mailsec-scanner-2.mit.edu ([18.9.25.13]) by mailgateway.anl.gov with ESMTP; 08 Mar 2012 23:14:08 -0600
X-AuditID: 1209190d-b7fbf6d0000008ba-97-4f5991a0ea53
Received: from mailhub-auth-4.mit.edu ( [18.7.62.39]) by dmz-mailsec-scanner-2.mit.edu (Symantec Messaging Gateway) with SMTP id 2F.BB.02234.0A1995F4; Fri, 9 Mar 2012 00:14:08 -0500 (EST)
Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103]) by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id q295E7T5004465; Fri, 9 Mar 2012 00:14:08 -0500
Received: from [192.168.1.4] (pool-173-48-218-114.bstnma.fios.verizon.net [173.48.218.114]) (authenticated bits=0) (User authenticated as ghudson@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.6/8.12.4) with ESMTP id q295E6gR008872 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 9 Mar 2012 00:14:07 -0500 (EST)
Message-ID: <4F59919E.3050907@mit.edu>
Date: Fri, 09 Mar 2012 00:14:06 -0500
From: Greg Hudson <ghudson@MIT.EDU>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2
MIME-Version: 1.0
To: Jeffrey Hutzelman <jhutz@cmu.edu>
References: <1331243905.24486.106.camel@minbar.fac.cs.cmu.edu>
In-Reply-To: <1331243905.24486.106.camel@minbar.fac.cs.cmu.edu>
X-Enigmail-Version: 1.3.5
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmpgleLIzCtJLcpLzFFi42IRYrdT110wMdLf4O8PXovJJycwWVx/f47d gcnj5Jq3bB77W4+xBjBFcdmkpOZklqUW6dslcGW8+97FXDCRr+LprvwGxkncXYwcHBICJhLP byh0MXICmWISF+6tZ+ti5OIQEtjHKHF76h8oZz2jxLtb11hBqoQE7jJJNG5UBLF5BdQkTiw5 xARiswioSkxumcsMYrMJKEscPPuNBWSBqECYxIJ3nhDlghInZz5hAbFFgMrvzZkFZjML6Et0 9W4DGy8s4CXRvO8NO0irkICdxJqH/iBhTgF7ib+/tzNB3Ckpsfj4QWaIVh2Jd30PoGx5ie1v 5zBPYBSahWTbLCRls5CULWBkXsUom5JbpZubmJlTnJqsW5ycmJeXWqRrpJebWaKXmlK6iREU 0JySvDsY3x1UOsQowMGoxMPbfS/CX4g1say4MvcQoyQHk5Io77UJkf5CfEn5KZUZicUZ8UWl OanFhxglOJiVRHhXyADleFMSK6tSi/JhUtIcLErivKpa7/yEBNITS1KzU1MLUotgsjIcHEoS vGtAhgoWpaanVqRl5pQgpJk4OEGG8wANPwhSw1tckJhbnJkOkT/FqCglzrsWJCEAksgozYPr hSWcV4ziQK8I8y4CqeIBJiu47ldAg5mABmfKhIMMLklESEk1MFqL7kmQnbokrcX7WPbSuS+c 3zHOYBWdEHrOsvvk8ddOstptOipfXlQf45jHU7x36qGsLXu+lS1inv5rxs4lKp86W4yX7Hh3 v3wqd3LnrcO1fWmreszu31528E3yrKkH/FaWm76IEhXYq+C6LMfyFsdzJZukeP3YzyH3Dygz v7WKX3K8QWmf82UlluKMREMt5qLiRAC4WvC/EwMAAA==
X-Virus-Scanned: Debian amavisd-new at frigga.it.anl.gov
Cc: "ietf-krb-wg@anl.gov" <ietf-krb-wg@anl.gov>
Subject: Re: [Ietf-krb-wg] review of draft-ietf-krb-wg-camellia-cts-00.txt
X-BeenThere: ietf-krb-wg@lists.anl.gov
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "This is a list for the IETF Kerberos Working Group. {WORLDPUB, EXTERNAL}" <ietf-krb-wg.lists.anl.gov>
List-Unsubscribe: <https://lists.anl.gov/mailman/options/ietf-krb-wg>, <mailto:ietf-krb-wg-request@lists.anl.gov?subject=unsubscribe>
List-Archive: <https://lists.anl.gov/pipermail/ietf-krb-wg>
List-Post: <mailto:ietf-krb-wg@lists.anl.gov>
List-Help: <mailto:ietf-krb-wg-request@lists.anl.gov?subject=help>
List-Subscribe: <https://lists.anl.gov/mailman/listinfo/ietf-krb-wg>, <mailto:ietf-krb-wg-request@lists.anl.gov?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: ietf-krb-wg-bounces@lists.anl.gov
Sender: ietf-krb-wg-bounces@lists.anl.gov

On 03/08/2012 04:58 PM, Jeffrey Hutzelman wrote:
> Points 1, 2, 5, 6, and 7 are blockers; they must be resolved before
> the document can progress.

I believe all points are taken care of in -01, but some may need
confirmation.

> I would like to hear from any implementors who plan to implement
> this enctype or who have already done so, as well as from anyone
> who has verified the test vectors in section 11.

We have an implementation, awaiting enctype and cksumtype assignments
before becoming part of the default build.  It was, of course, used to
generate the test vectors, so can't be used to verify them.  The
Camellia implementation is off-the-shelf (with off-the-shelf tests) and
the CMAC implementation was verified against RFC 4493 test vectors using
AES as the cipher.

> 2. The IETF Trust copyright and license notice in this document is out
>    of date

I believe I resolved this by updating and re-running xml2rfc, but I
could only detect a one-word difference, so I'm not 100% certain.

> 4. In section 6, the description of the decryption operation does not
>    spell out how separate the MAC and ciphertext parts of the incoming
>    "ciphertext".  It also does not specify how to remove the confounder
>    from P to obtain the actual plaintext.  These operations should be
>    obvious, but it's better to be specific.

I added the text, "To separate the ciphertext into C and M components,
use the final final 16 bytes for M and all of the preceding bytes for C."

> 5. The IANA considerations [...]

I moved the Assigned Numbers table into the IANA considerations section
and reworked it to match the registry, as described in RFC 5226.  I also
removed the notes to the RFC editor, since I think it can all be taken
care of in the IANA step.
_______________________________________________
ietf-krb-wg mailing list
ietf-krb-wg@lists.anl.gov
https://lists.anl.gov/mailman/listinfo/ietf-krb-wg

v2.23.0 | Report a Bug | By Email