Re: [saag] [Technical Errata Reported] RFC5116 (6415)
Benjamin Kaduk <kaduk@mit.edu> Sun, 31 January 2021 21:46 UTC
Return-Path: <kaduk@mit.edu>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F2DBF3A1295; Sun, 31 Jan 2021 13:46:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.919
X-Spam-Level:
X-Spam-Status: No, score=-1.919 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xC6cVBljUVLF; Sun, 31 Jan 2021 13:46:25 -0800 (PST)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DFBBB3A1294; Sun, 31 Jan 2021 13:46:24 -0800 (PST)
Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 10VLk7fL032521 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 31 Jan 2021 16:46:12 -0500
Date: Sun, 31 Jan 2021 13:46:07 -0800
From: Benjamin Kaduk <kaduk@mit.edu>
To: mcgrew@cisco.com
Cc: iesg@ietf.org, jordan@certainlyawesome.com, RFC Errata System <rfc-editor@rfc-editor.org>, saag@ietf.org
Message-ID: <20210131214607.GT21@kduck.mit.edu>
References: <20210129033026.E8D46F40714@rfc-editor.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20210129033026.E8D46F40714@rfc-editor.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/hAlyMVut6F0SDWj4bxHoR7PNnIA>
Subject: Re: [saag] [Technical Errata Reported] RFC5116 (6415)
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 31 Jan 2021 21:46:27 -0000
On Thu, Jan 28, 2021 at 07:30:26PM -0800, RFC Errata System wrote: > The following errata report has been submitted for RFC5116, > "An Interface and Algorithms for Authenticated Encryption". > > -------------------------------------- > You may review the report below and at: > https://www.rfc-editor.org/errata/eid6415 > > -------------------------------------- > Type: Technical > Reported by: Jordan Smith <jordan@certainlyawesome.com> > > Section: 3.2 > > Original Text > ------------- > Implementations > SHOULD support 12-octet nonces in which the Counter field is four > octets long. > > Corrected Text > -------------- > Implementations > SHOULD support 12-octet nonces in which the Fixed field is four > octets long. I think it's pretty hard to make an argument that the statement is not what was intended at the time based solely on the relative lengths of fields in the figure. There are different considerations for when one wants a larger fixed of counter portion, and a change that is in effect retroactively attempting to change the stated preference seems hard to argue for via the errata system. Accordingly, I propose to mark this as rejected since there does not seem to be clear evidence that the original text is not what was intended. -Ben > Notes > ----- > The ascii diagram given shows the Fixed portion being smaller and the examples given in https://tools.ietf.org/id/draft-mcgrew-iv-gen-01.html also show that the Fixed portion is 4 bytes. > > Also an 8 byte counter gives 2^64, where a 4 byte counter would only give 2^32 > > Instructions: > ------------- > This erratum is currently posted as "Reported". If necessary, please > use "Reply All" to discuss whether it should be verified or > rejected. When a decision is reached, the verifying party > can log in to change the status and edit the report, if necessary. > > -------------------------------------- > RFC5116 (draft-mcgrew-auth-enc-05) > -------------------------------------- > Title : An Interface and Algorithms for Authenticated Encryption > Publication Date : January 2008 > Author(s) : D. McGrew > Category : PROPOSED STANDARD > Source : IETF - NON WORKING GROUP > Area : N/A > Stream : IETF > Verifying Party : IESG >
- Re: [saag] [Technical Errata Reported] RFC5116 (6… Benjamin Kaduk