Re: [secdir] Review of draft-kato-tls-rfc4132bis-04

Samuel Weiler <weiler@watson.org> Thu, 14 January 2010 14:10 UTC

(I'm replying in part to change the Subject line to include the 
draft name, since that's how our ADs and others find these reviews.)

And Derek's right about IANA.  For most IANA registries, IANA isn't 
supposed to give the assignment until the doc is published.  The TBA 
placeholder and future-tense text will get replaced during the 
publication cycle when the assignment is made.  Some docs suggest a 
particular number to IANA, if only implicitly, but that's not 
necessary.

-- Sam

On Sun, 10 Jan 2010, Hilarie Orman wrote:

> Camellia Cipher Suites for TLS
> draft-kato-tls-rfc4132bis-04
>
> Do not be alarmed.  I have reviewed this document as part of the
> security directorate's ongoing effort to review all IETF documents
> being processed by the IESG.  These comments were written primarily
> for the benefit of the security area directors.  Document editors and
> WG chairs should treat these comments just like any other last call
> comments.
>
> The document is intended to define identifiers for 12 new
> ciphersuites for TLS.  The suites are duplicates of
> existing ones, except that they use HMAC-SHA-256 instead of
> HMAC-SHA.  The suites are restricted to implementations
> of TLS 1.2 and later.
>
> The only oddity in the document is that the identifiers for the new
> suites are TBD.  The document states:
>
> "IANA is requested to allocate (has allocated) the following numbers
> in the TLS Cipher Suite Registry:"
>
> Are the authors supposed to submit the document and update the numbers
> per IANA advice at some later time?  The wording indicates some
> confusion over this point.
>
> Hilarie