IETF Logo Mail Archive

Re: [saag] Additions to RFC 3631?

Simon Josefsson <simon@josefsson.org> Mon, 21 May 2012 10:07 UTC

Return-Path: <simon@josefsson.org>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E9BE21F853D for <saag@ietfa.amsl.com>; Mon, 21 May 2012 03:07:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -97.402
X-Spam-Level:
X-Spam-Status: No, score=-97.402 tagged_above=-999 required=5 tests=[AWL=0.093, BAYES_40=-0.185, FH_HOST_EQ_D_D_D_D=0.765, HELO_MISMATCH_COM=0.553, HOST_EQ_STATICB=1.372, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ON39c8Yu+eDz for <saag@ietfa.amsl.com>; Mon, 21 May 2012 03:07:11 -0700 (PDT)
Received: from yxa-v.extundo.com (static-213-115-179-173.sme.bredbandsbolaget.se [213.115.179.173]) by ietfa.amsl.com (Postfix) with ESMTP id 2346D21F8528 for <saag@ietf.org>; Mon, 21 May 2012 03:07:10 -0700 (PDT)
Received: from latte (static-213-115-179-130.sme.bredbandsbolaget.se [213.115.179.130]) (authenticated bits=0) by yxa-v.extundo.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id q4LA75Jn018704 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Mon, 21 May 2012 12:07:06 +0200
From: Simon Josefsson <simon@josefsson.org>
To: Yaron Sheffer <yaronf.ietf@gmail.com>
References: <300A2E9F-E99B-46FA-A101-E3611BD0D197@cs.columbia.edu> <877gw69h81.fsf@latte.josefsson.org> <4FB9ECA4.3010904@gmail.com>
OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
X-Hashcash: 1:22:120521:yaronf.ietf@gmail.com::CN8FulDLL05+cqdZ:9pHQ
X-Hashcash: 1:22:120521:saag@ietf.org::njH6m2DLUNba5tvH:QT1g
Date: Mon, 21 May 2012 12:07:04 +0200
In-Reply-To: <4FB9ECA4.3010904@gmail.com> (Yaron Sheffer's message of "Mon, 21 May 2012 10:20:04 +0300")
Message-ID: <87wr454zlj.fsf@latte.josefsson.org>
User-Agent: Gnus/5.130006 (Ma Gnus v0.6) Emacs/23.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: clamav-milter 0.97.3 at yxa-v
X-Virus-Status: Clean
Cc: IETF Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] Additions to RFC 3631?
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 May 2012 10:07:12 -0000

Yaron Sheffer <yaronf.ietf@gmail.com> writes:

> And a short section on crypto-grade random number generation. I would
> be glad to contribute it.

I believe that is more for an update of RFC 1750 than RFC 3631.

RFC 1750 is in need for an update with modern recommendations.  It
should point to at least AES, Yarrow and the approved NIST RNGs.  The
references of weak ciphers (DES, MD4, etc) should be removed.  Given
that RFC 1750 is often cited by crypto protocol specifications, it would
be nice if RFC 1750 could be (more) useful to implementers.

/Simon

v2.23.0 | Report a Bug | By Email