Re: [saag] Additions to RFC 3631?

Yaron Sheffer <yaronf.ietf@gmail.com> Mon, 21 May 2012 11:28 UTC


Whether or not RFC 4086 is in need of an update (and I agree it is), 
randomness is important enough as a security mechanism, and often enough 
forgotten, to be worth a section in 3631bis.

Thanks,
	Yaron

On 05/21/2012 01:15 PM, Stephen Farrell wrote:
>
>
> On 05/21/2012 11:07 AM, Simon Josefsson wrote:
>> Yaron Sheffer <yaronf.ietf@gmail.com> writes:
>>
>>> And a short section on crypto-grade random number generation. I would
>>> be glad to contribute it.
>>
>> I believe that is more for an update of RFC 1750 than RFC 3631.
>>
>> RFC 1750 is in need of an update with modern recommendations.  It
>> should point to at least AES, Yarrow and the approved NIST RNGs.  The
>> references of weak ciphers (DES, MD4, etc) should be removed.  Given
>> that RFC 1750 is often cited by crypto protocol specifications, it would
>> be nice if RFC 1750 could be (more) useful to implementers.
>
> RFC 1750 was obsoleted by RFC 4086 in 2005. That's still a while
> back so maybe improvements to that could be made.
>
> Cheers,
> S
>
>>
>> /Simon