Re: [secdir] SECDIR Review of draft-ietf-lamps-rfc5990bis-05
Russ Housley <housley@vigilsec.com> Tue, 23 April 2024 14:11 UTC
Return-Path: <housley@vigilsec.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 827C7C14F6E4; Tue, 23 Apr 2024 07:11:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.097
X-Spam-Level:
X-Spam-Status: No, score=-7.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=vigilsec.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l9z5uo9tG06B; Tue, 23 Apr 2024 07:11:14 -0700 (PDT)
Received: from mail3.g24.pair.com (mail3.g24.pair.com [66.39.134.11]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EC796C14F6FF; Tue, 23 Apr 2024 07:11:13 -0700 (PDT)
Received: from mail3.g24.pair.com (localhost [127.0.0.1]) by mail3.g24.pair.com (Postfix) with ESMTP id EAFF0128DC7; Tue, 23 Apr 2024 10:11:12 -0400 (EDT)
Received: from smtpclient.apple (pfs.iad.rg.net [198.180.150.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail3.g24.pair.com (Postfix) with ESMTPSA id BE714129005; Tue, 23 Apr 2024 10:11:12 -0400 (EDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6.1.1\))
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <CAF4+nEHOBxpdVj-b1-VDAFRJpKyp9+xykVaY1XJUOmuDb=+HiA@mail.gmail.com>
Date: Tue, 23 Apr 2024 10:11:02 -0400
Cc: IESG <iesg@ietf.org>, IETF SecDir <secdir@ietf.org>, draft-ietf-lamps-rfc5990bis.all@ietf.org
Content-Transfer-Encoding: 7bit
Message-Id: <EB0522B9-B1BA-47C1-A24E-01DB77FE2977@vigilsec.com>
References: <CAF4+nEHOBxpdVj-b1-VDAFRJpKyp9+xykVaY1XJUOmuDb=+HiA@mail.gmail.com>
To: Donald Eastlake <d3e3e3@gmail.com>
X-Mailer: Apple Mail (2.3731.700.6.1.1)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=vigilsec.com; h=content-type:mime-version:subject:from:in-reply-to:date:cc:content-transfer-encoding:message-id:references:to; s=pair-202402141609; bh=4dCrEhspwbSRJda2DNj2gBuf52TrzFcGtNBsdLGlF3Q=; b=SgUKdRCiugnsb/yJGk2rFCgvsPzsLgxG7+YEc10UgqcQPdakqGmB9LUrgQY8UV+fIPPpvjf7m4XSUjAMI6UJwkDX6+uNWmf0YteKiBgwpsKc01wOti+V1inieXCHekMxR9gm3LcgoTPp7AKAcO9M/zwPb/QydApi6bNHc8K6CXqf6BpQOzFQ6YlRljBsrh4pH1OUieXbF2M2m9uFLiLVVLry2t7zh73p3ImjTrXMyNxU/e4/Y9vbTUerS8HN07JohgLzMoanHA4s6c1BD7D2FoJ2vLHw5xME/+WXzlk+9lMpe2EIE7WsprguA6RCGdWqQrf2amOzjiYX9GJeDOtD1A==
X-Scanned-By: mailmunge 3.11 on 66.39.134.11
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/dv3dXGgGvzPWKAo-mKAjbm3ifcY>
Subject: Re: [secdir] SECDIR Review of draft-ietf-lamps-rfc5990bis-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Apr 2024 14:11:19 -0000
Donald: Thanks for the review. > Trivia: > > Note duplicated phrase in the 2nd sentence of this paragraph: > The RSA-KEM Algorithm provides a fixed-length ciphertext. The > recipient MUST check that the received byte string is the expected > length and the expected length and corresponds to an integer in the > expected range prior to attempting decryption with their RSA private > key as described in Steps 1 and 2 of Appendix A.2. s/length and the expected length and corresponds/length and corresponds/ > Appendix A: Inconsistent capitalization: SS, ss s/same shared secret (ss)/same shared secret (SS)/ Also noticed: s/ssLen bytes fron/ssLen bytes from/ Russ
- [secdir] SECDIR Review of draft-ietf-lamps-rfc599… Donald Eastlake
- Re: [secdir] SECDIR Review of draft-ietf-lamps-rf… Russ Housley
- Re: [secdir] SECDIR Review of draft-ietf-lamps-rf… Russ Housley
- Re: [secdir] SECDIR Review of draft-ietf-lamps-rf… Donald Eastlake