Re: [OSPF] OSPF WG Last Call for OSPFv2 HMAC-SHA Cryptographic Authentication - <draft-ietf-ospf-hmac-sha-04.txt>

Acee Lindem <acee@redback.com> Mon, 18 May 2009 13:05 UTC

From: Acee Lindem <acee@redback.com>
Date: Mon, 18 May 2009 09:06:52 -0400
To: John Smith <jsmith4112003@yahoo.co.uk>
Cc: OSPF List <ospf@ietf.org>
Subject: Re: [OSPF] OSPF WG Last Call for OSPFv2 HMAC-SHA Cryptographic Authentication - <draft-ietf-ospf-hmac-sha-04.txt>

Hi John,

Thanks for reviewing.

On May 17, 2009, at 7:55 PM, John Smith wrote:

>
> Hi,
>
> Good to see this work finally moving forward. I strongly support  
> this once the following two issues are taken care of:
>
> (a) Draft cites HMAC-SHA-256, and not HMAC-SHA-1, as a MUST. Any  
> specific reasons?

HMAC-SHA-1 is "So 1997"... The authors reached agreement on a  
stronger common algorithm. Ran or one of the other authors may want  
to comment on HMAC-SHA-1 vulnerabilities as there was a lengthy  
discussion on which algorithm(s) to make a "MUST".


>
> (b) Although the document adds support for HMAC-SHA-224, I don't see  
> a value of B (section 3.3) defined for this.

This should be updated as follows:

                For SHA-1, SHA-224, and SHA-256: B == 64
                For SHA-384 and SHA-512:         B == 128

Thanks,
Acee

>
> John
>
>
>
> ----- Original Message ----
> From: Acee Lindem <acee@redback.com>
> To: OSPF List <ospf@ietf.org>
> Sent: Thursday, 7 May, 2009 23:12:42
> Subject: [OSPF] OSPF WG Last Call for OSPFv2 HMAC-SHA Cryptographic  
> Authentication - <draft-ietf-ospf-hmac-sha-04.txt>
>
> The WG last call for the subject document will begin today and end  
> Friday, May 22nd at 12:00 AM PDT. Please review the document and  
> send your comments to this list. This version includes the Apad in  
> the HMAC calculation consistent with the discussions we had in  
> Philadelphia and SF.
>
> Thanks,
> Acee and Abhay
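
An added example, not part of the original message or the draft: a generic RFC 2104 HMAC with the block size B passed in explicitly, used to check the B values listed in the reply against Python's hashlib/hmac and to show that an implementation using the wrong B for SHA-384 or SHA-512 computes a digest its neighbors would reject. The key and message are constructed sample values, the function names are hypothetical, and the draft's Apad handling is not modeled.

```python
import hashlib
import hmac

# Block size B in bytes per hash, as listed in the reply above.
BLOCK_SIZE = {"sha1": 64, "sha224": 64, "sha256": 64, "sha384": 128, "sha512": 128}


def hmac_with_block_size(hash_name, key, text, block_size):
    """RFC 2104 HMAC with B supplied by the caller instead of taken from the hash."""
    if len(key) > block_size:
        key = hashlib.new(hash_name, key).digest()  # over-long keys are hashed first
    key = key.ljust(block_size, b"\x00")            # then zero-padded to B bytes
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.new(hash_name, ipad + text).digest()
    return hashlib.new(hash_name, opad + inner).digest()


def check_block_sizes(key, text):
    """Check each table entry against the hash's own block size and the stdlib HMAC."""
    results = {}
    for name, b in BLOCK_SIZE.items():
        table_ok = hashlib.new(name).block_size == b
        digest_ok = hmac.compare_digest(
            hmac_with_block_size(name, key, text, b),
            hmac.new(key, text, name).digest())
        results[name] = table_ok and digest_ok
    return results


def wrong_b_interoperates(hash_name, key, text, wrong_b):
    """True if an implementation using wrong_b would still produce the correct digest."""
    return hmac.compare_digest(
        hmac_with_block_size(hash_name, key, text, wrong_b),
        hmac.new(key, text, hash_name).digest())


# Constructed sample inputs (not a real OSPF key or packet).
SAMPLE_KEY = b"constructed-ospf-auth-key"
SAMPLE_TEXT = b"constructed stand-in for the authenticated OSPF packet bytes"

if __name__ == "__main__":
    print(check_block_sizes(SAMPLE_KEY, SAMPLE_TEXT))
    print(wrong_b_interoperates("sha384", SAMPLE_KEY, SAMPLE_TEXT, 64))
```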