Re: [Perc] Double questions
"Paul E. Jones" <paulej@packetizer.com> Tue, 21 March 2017 23:57 UTC
Return-Path: <paulej@packetizer.com>
X-Original-To: perc@ietfa.amsl.com
Delivered-To: perc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C02012940A for <perc@ietfa.amsl.com>; Tue, 21 Mar 2017 16:57:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=packetizer.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4Xg-mNzPRXeB for <perc@ietfa.amsl.com>; Tue, 21 Mar 2017 16:57:16 -0700 (PDT)
Received: from dublin.packetizer.com (dublin.packetizer.com [75.101.130.125]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 355041293E9 for <perc@ietf.org>; Tue, 21 Mar 2017 16:57:16 -0700 (PDT)
Received: from [192.168.1.20] (cpe-098-122-167-029.nc.res.rr.com [98.122.167.29] (may be forged)) (authenticated bits=0) by dublin.packetizer.com (8.15.2/8.15.2) with ESMTPSA id v2LNvE9F016886 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 21 Mar 2017 19:57:15 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=packetizer.com; s=dublin; t=1490140635; bh=i/sWrS3ME9aOWnXajeWZAaaPh2hGP1dNab1f4Ntl2Ew=; h=From:To:Subject:Date:In-Reply-To:References:Reply-To; b=GJjUKo0iD8MmMwP5jLHLbE4u3/HPB1hb1AW+PYng/zxT2cjcuWCfjDbYoXFkpQrua EtlLW/Zko+0KCDwi9t+CsDqnwrF9Cc9aJigoNrzBhbeKPD5CIjOAkCUy16C9L9pzX4 OrcT3lkI2T6QKlDeRgq59NvvwgNCcLOzsi5kgdEY=
From: "Paul E. Jones" <paulej@packetizer.com>
To: Eric Rescorla <ekr@rtfm.com>, perc@ietf.org
Date: Tue, 21 Mar 2017 23:57:15 +0000
Message-Id: <emc11a85d3-656a-4538-975a-77e7ecceeed5@sydney>
In-Reply-To: <CABcZeBNKZLww=iFutD_EVGzNJo0y6ieSoZ55LjCG4rnnn-bOhw@mail.gmail.com>
References: <CABcZeBNKZLww=iFutD_EVGzNJo0y6ieSoZ55LjCG4rnnn-bOhw@mail.gmail.com>
Reply-To: "Paul E. Jones" <paulej@packetizer.com>
User-Agent: eM_Client/7.0.28492.0
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="------=_MBE8898DC1-9840-451B-B96A-499E55F3D65F"
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.1 (dublin.packetizer.com [10.165.122.250]); Tue, 21 Mar 2017 19:57:15 -0400 (EDT)
Archived-At: <https://mailarchive.ietf.org/arch/msg/perc/OSUiYSbtnxPqwz8DW4poWdJweNs>
Subject: Re: [Perc] Double questions
X-BeenThere: perc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Privacy Enhanced RTP Conferencing <perc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perc>, <mailto:perc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perc/>
List-Post: <mailto:perc@ietf.org>
List-Help: <mailto:perc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perc>, <mailto:perc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Mar 2017 23:57:17 -0000
Ekr, >So, does that mean that the original PT/SEQ (as reconstructed from >OHB) are not used for anything other than to make the decryption work? >They're totally discarded? Yes, I think you described it all correctly. The PT and SEQ are necessary only because they were originally there when the transmitting endpoint performed HBH authenticated encryption. Thus, we need those original values to properly authenticate the packet when decrypting. No other reason for keeping them. Paul
- [Perc] Double questions Eric Rescorla
- Re: [Perc] Double questions Nils Ohlmeier
- Re: [Perc] Double questions Paul E. Jones
- Re: [Perc] Double questions Cullen Jennings