[OSPF] FW: Gen-ART review of draft-ietf-ospf-hmac-sha-05
Acee Lindem <acee@redback.com> Thu, 23 July 2009 00:54 UTC
Return-Path: <prvs=448ddb890=acee@redback.com>
X-Original-To: ospf@core3.amsl.com
Delivered-To: ospf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5A8E728C12B for <ospf@core3.amsl.com>; Wed, 22 Jul 2009 17:54:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.168
X-Spam-Level:
X-Spam-Status: No, score=-2.168 tagged_above=-999 required=5 tests=[AWL=0.430, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Rk7s7-tleblH for <ospf@core3.amsl.com>; Wed, 22 Jul 2009 17:54:54 -0700 (PDT)
Received: from mgate.redback.com (mgate.redback.com [155.53.3.41]) by core3.amsl.com (Postfix) with ESMTP id 49EF93A6C8A for <ospf@ietf.org>; Wed, 22 Jul 2009 17:54:54 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.43,249,1246863600"; d="scan'208,217";a="3766072"
Received: from prattle.redback.com ([155.53.12.9]) by mgate.redback.com with ESMTP; 22 Jul 2009 17:53:42 -0700
Received: from localhost (localhost [127.0.0.1]) by prattle.redback.com (Postfix) with ESMTP id 6A808525BB2 for <ospf@ietf.org>; Wed, 22 Jul 2009 17:53:42 -0700 (PDT)
Received: from prattle.redback.com ([127.0.0.1]) by localhost (prattle [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 17301-04 for <ospf@ietf.org>; Wed, 22 Jul 2009 17:53:42 -0700 (PDT)
Received: from [IPv6???1] (svilogin-1.sj.us.am.ericsson.se [155.53.154.39]) by prattle.redback.com (Postfix) with ESMTP id B4B4C525BB1 for <ospf@ietf.org>; Wed, 22 Jul 2009 17:53:41 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v753.1)
To: OSPF List <ospf@ietf.org>
Message-Id: <3A48212D-27A3-4A2C-B5BC-CD7380170C3D@redback.com>
Content-Type: multipart/alternative; boundary="Apple-Mail-15--579718459"
From: Acee Lindem <acee@redback.com>
Date: Wed, 22 Jul 2009 20:53:41 -0400
X-Mailer: Apple Mail (2.753.1)
Subject: [OSPF] FW: Gen-ART review of draft-ietf-ospf-hmac-sha-05
X-BeenThere: ospf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: The Official IETF OSPG WG Mailing List <ospf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ospf>
List-Post: <mailto:ospf@ietf.org>
List-Help: <mailto:ospf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Jul 2009 01:32:34 -0000
From: <Black_David@emc.com> Date: July 22, 2009 8:40:47 PM EDT To: <rja@extremenetworks.com> Cc: <ospf@ietf.org>, <Black_David@emc.com> Subject: RE: Gen-ART review of draft-ietf-ospf-hmac-sha-05 Ran, This is fine with me - about the level of requirement for SHA-224 and SHA-384, I originally wrote: > To avoid confusion, this is a request that the authors think > about this topic; it is *not* a comment that the requirement > needs to be changed. If the authors believe that the current > "SHOULD" requirements for these two hashes are the right > approach, that is acceptable to me. Thinking has clearly happened ;-), and I have no problem with a result that that the requirement level will not be changed because doing so would reduce consensus. Thanks, --David > -----Original Message----- > From: RJ Atkinson [mailto:rja@extremenetworks.com] > Sent: Wednesday, July 22, 2009 5:55 PM > To: Black, David > Cc: ospf@ietf.org > Subject: Re: Gen-ART review of draft-ietf-ospf-hmac-sha-05 > > All, > > On 22 Jul 2009, at 11:31, Bhatia, Manav (Manav) wrote: >> Given that SHA-224 (and perhaps SHA-384) is not even present in all >> crypto libraries we could, if others don't see a problem, move this >> from a SHOULD to a MAY. > > All of the key-lengths for SHA-1 and SHA-2 are available in > at least some freely available crypto libraries, specifically > including both SHA-224 and SHA-384. > > (ASIDE: Commonly used search engines can be used to find such libraries. > Choice of which libraries, if any, to use is obviously implementer's choice.) > > Making that change to "MAY" would reduce consensus, as compared > with retaining the current "SHOULD" text, so it is best to keep > the current language as-is. > >>> In Section 3.2, it would be useful for the draft to say that an >>> OSPFv2 Security Association is not set up inband via OSPFv2, in >>> contrast to an IPsec Security Association created via IKE. Among >> >> Yup, sounds reasonable. We could add this too. > > I made that edit about an hour after David's note was originally sent. > >>> the reasons that this should be done is that the term "OSPFv2 >>> Security Association" is introduced in this draft - that term >>> does not occur in RFC 2328, even though Section D.3 of RFC 2328 >>> defines an abstraction for which "OSPFv2 Security Association" >>> is an appropriate name. I recommend stating that this term is >>> new to this draft. >>> >>> The mention of IP Security in the next to last paragraph of >>> the Security Considerations (section 4) should cite an >>> informative reference, RFC 4301 would be appropriate. >>> >> >> Yup, this can also be done. > > Again, I made that edit about an hour after David's note was > originally sent. > > Cheers, > > Ran Atkinson > (who is the active document editor for this draft) > >
- [OSPF] Gen-ART review of draft-ietf-ospf-hmac-sha… Acee Lindem
- Re: [OSPF] Gen-ART review of draft-ietf-ospf-hmac… Bhatia, Manav (Manav)
- [OSPF] FW: Gen-ART review of draft-ietf-ospf-hmac… Acee Lindem
- Re: [OSPF] Gen-ART review of draft-ietf-ospf-hmac… Acee Lindem