[secdir] Review of

"Hilarie Orman" <ho@alum.mit.edu> Mon, 11 January 2010 06:31 UTC

Cc: kanno-s@po.ntts.co.jp, kanda.masayuki@lab.ntt.co.jp, akato@po.ntts.co.jp

Camellia Cipher Suites for TLS
draft-kato-tls-rfc4132bis-04

Do not be alarmed.  I have reviewed this document as part of the
security directorate's ongoing effort to review all IETF documents
being processed by the IESG.  These comments were written primarily
for the benefit of the security area directors.  Document editors and
WG chairs should treat these comments just like any other last call
comments.

The document is intended to define identifiers for 12 new
ciphersuites for TLS.  The suites are duplicates of
existing ones, except that they use HMAC-SHA-256 instead of
HMAC-SHA.  The suites are restricted to implementations
of TLS 1.2 and later.

The only oddity in the document is that the identifiers for the new
suites are TBD.  The document states:

 "IANA is requested to allocate (has allocated) the following numbers
 in the TLS Cipher Suite Registry:"

Are the authors supposed to submit the document and update the numbers
per IANA advice at some later time?  The wording indicates some
confusion over this point.

Hilarie