Re: [secdir] Review of

Derek Atkins <derek@ihtfp.com> Mon, 11 January 2010 18:40 UTC

To: Hilarie Orman <ho@alum.mit.edu>
References: <201001110630.o0B6UCdj008625@fermat.rhmr.com>
From: Derek Atkins <derek@ihtfp.com>
Date: Mon, 11 Jan 2010 13:40:05 -0500
In-Reply-To: <201001110630.o0B6UCdj008625@fermat.rhmr.com> (Hilarie Orman's message of "Sun\, 10 Jan 2010 23\:30\:12 -0700")
Message-ID: <sjmljg41o56.fsf@pgpdev.ihtfp.org>
Cc: kanno-s@po.ntts.co.jp, kanda.masayuki@lab.ntt.co.jp, akato@po.ntts.co.jp, secdir@ietf.org
Subject: Re: [secdir] Review of

"Hilarie Orman" <ho@alum.mit.edu> writes:

> Camellia Cipher Suites for TLS
> draft-kato-tls-rfc4132bis-04
>
> Do not be alarmed.  I have reviewed this document as part of the
> security directorate's ongoing effort to review all IETF documents
> being processed by the IESG.  These comments were written primarily
> for the benefit of the security area directors.  Document editors and
> WG chairs should treat these comments just like any other last call
> comments.
>
> The document is intended to define identifiers for 12 new
> ciphersuites for TLS.  The suites are duplicates of
> existing ones, except that they use HMAC-SHA-256 instead of
> HMAC-SHA.  The suites are restricted to implementations
> of TLS 1.2 and later.
>
> The only oddity in the document is that the identifiers for the new
> suites are TBD.  The document states:
>
>  "IANA is requested to allocate (has allocated) the following numbers
>  in the TLS Cipher Suite Registry:"
>
> Are the authors supposed to submit the document and update the numbers
> per IANA advice at some later time?  The wording indicates some
> confusion over this point.

The IANA Considerations are written so that they read correctly before
and after IANA processes the request.  The RFC-Editor will work with
IANA and fill in the correct values once it's been processed, so I don't
think this should be a major concern.

> Hilarie

-derek

-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant