Re: [tcpm] Last Call: <draft-ietf-tcpm-ao-test-vectors-04.txt> (TCP-AO Test Vectors) to Informational RFC

Russ Housley <housley@vigilsec.com> Tue, 18 January 2022 21:16 UTC

From: Russ Housley <housley@vigilsec.com>
To: Last Call <last-call@ietf.org>
Cc: tcpm@ietf.org, tcpm-chairs@ietf.org, draft-ietf-tcpm-ao-test-vectors@ietf.org
Date: Tue, 18 Jan 2022 16:16:22 -0500
Subject: Re: [tcpm] Last Call: <draft-ietf-tcpm-ao-test-vectors-04.txt> (TCP-AO Test Vectors) to Informational RFC
Message-Id: <5270D4B5-4E42-4A40-9DC2-7ADEDB8D25CE@vigilsec.com>
In-Reply-To: <164253655880.26635.5149440454996391703@ietfa.amsl.com>
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/aVxM4pUQO4Gz_peiwPIL6b-YfNk>

The introduction of the document begins:

   This document provides test vectors to validate the correct
   implementation of the TCP Authentication Option (TCP-AO) [RFC5925]
   and its mandatory cryptographic algorithms defined in [RFC5926].

I expected to see discussion of the algorithms that are in the table of contents in RFC 5926.  However, these algorithm names are not used.  Using different algorithm names adds confusion.

For the Key Derivation Functions (KDFs), please use the names in RFC 5926: KDF_HMAC_SHA1 and KDF_AES_128_CMAC.

For the MAC Algorithms, please use the names in RFC 5926: HMAC-SHA-1-96 and AES-128-CMAC-96.

Thank you for your consideration,
  Russ


> On Jan 18, 2022, at 3:09 PM, The IESG <iesg-secretary@ietf.org> wrote:
> 
> 
> The IESG has received a request from the TCP Maintenance and Minor Extensions
> WG (tcpm) to consider the following document: - 'TCP-AO Test Vectors'
>  <draft-ietf-tcpm-ao-test-vectors-04.txt> as Informational RFC
> 
> The IESG plans to make a decision in the next few weeks, and solicits final
> comments on this action. Please send substantive comments to the
> last-call@ietf.org mailing lists by 2022-02-01. Exceptionally, comments may
> be sent to iesg@ietf.org instead. In either case, please retain the beginning
> of the Subject line to allow automated sorting.
> 
> Abstract
> 
> 
>   This document provides test vectors to validate implementations of
>   the two mandatory authentication algorithms specified for the TCP
>   Authentication Option over both IPv4 and IPv6. This includes
>   validation of the key derivation function (KDF) based on a set of
>   test connection parameters as well as validation of the message
>   authentication code (MAC). Vectors are provided for both currently
>   required pairs of KDF and MAC algorithms: one based on SHA-1 and the
>   other on AES-128. The vectors also validate both whole TCP segments
>   as well as segments whose options are excluded for middlebox
>   traversal.
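
Added example (not part of the draft, the IESG announcement, or Russ Housley's message): a small Python harness that uses the RFC 5926 names the message asks for, KDF_HMAC_SHA1 and HMAC-SHA-1-96, to derive a traffic key from a connection context and to compute and verify a 96-bit MAC. It assumes the RFC 5926 KDF input layout (one-octet iteration counter 1, the ASCII label "TCP-AO", the Context of source/destination address, port and ISN, and the Output_Length in bits as a 16-bit big-endian value); the MAC input is taken as already-assembled opaque bytes, since building the RFC 5925 MAC input (SNE, pseudo-header, header with zeroed MAC field, data) is outside this example. All addresses, ports, ISNs and keys below are constructed sample values, and the AES-128 pair (KDF_AES_128_CMAC / AES-128-CMAC-96) is not implemented here.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass
from ipaddress import ip_address

# Fixed KDF inputs per RFC 5926 (assumed layout): a single iteration counter
# and the ASCII label "TCP-AO" without a terminating NUL.
KDF_ITERATION = b"\x01"
KDF_LABEL = b"TCP-AO"
SHA1_OUTPUT_BITS = 160        # Output_Length for KDF_HMAC_SHA1, 16-bit big-endian
MAC_TRUNCATION_BYTES = 12     # the "-96" in HMAC-SHA-1-96


@dataclass(frozen=True)
class ConnectionContext:
    """Connection parameters forming the KDF Context, ordered as in RFC 5926
    (source first, from the perspective of the sender of the segment)."""
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int
    src_isn: int
    dst_isn: int

    def encode(self) -> bytes:
        # IPv4 gives a 20-octet Context, IPv6 a 44-octet one.
        return (
            ip_address(self.src_ip).packed
            + ip_address(self.dst_ip).packed
            + struct.pack("!HHII", self.src_port, self.dst_port,
                          self.src_isn, self.dst_isn)
        )


def kdf_hmac_sha1(master_key: bytes, ctx: ConnectionContext) -> bytes:
    """KDF_HMAC_SHA1: HMAC-SHA1(Master_Key, i || Label || Context || Output_Length)."""
    kdf_input = (KDF_ITERATION + KDF_LABEL + ctx.encode()
                 + struct.pack("!H", SHA1_OUTPUT_BITS))
    return hmac.new(master_key, kdf_input, hashlib.sha1).digest()


def hmac_sha1_96(traffic_key: bytes, mac_input: bytes) -> bytes:
    """HMAC-SHA-1-96: full HMAC-SHA1, truncated to its first 96 bits."""
    return hmac.new(traffic_key, mac_input, hashlib.sha1).digest()[:MAC_TRUNCATION_BYTES]


def verify_segment(traffic_key: bytes, mac_input: bytes, received_mac: bytes) -> bool:
    """Receiver-side check: recompute HMAC-SHA-1-96 and compare in constant time."""
    if len(received_mac) != MAC_TRUNCATION_BYTES:
        return False
    return hmac.compare_digest(hmac_sha1_96(traffic_key, mac_input), received_mac)


if __name__ == "__main__":
    # Constructed sample values (documentation address ranges, arbitrary ISNs).
    ctx = ConnectionContext("192.0.2.1", "198.51.100.2", 179, 40000, 0x01020304, 0x0a0b0c0d)
    master_key = b"constructed-master-key"
    traffic_key = kdf_hmac_sha1(master_key, ctx)
    # Placeholder MAC input: a 4-octet SNE followed by stand-in segment bytes.
    mac_input = b"\x00\x00\x00\x00" + b"constructed-segment-bytes"
    mac = hmac_sha1_96(traffic_key, mac_input)
    print("Context        :", ctx.encode().hex())
    print("KDF_HMAC_SHA1  :", traffic_key.hex())
    print("HMAC-SHA-1-96  :", mac.hex())
    print("verify         :", verify_segment(traffic_key, mac_input, mac))
```

To check the draft's published vectors, feed its master key, connection parameters and assembled MAC input into `kdf_hmac_sha1` and `hmac_sha1_96` and compare the hex output against the draft's expected traffic key and MAC; those expected values are not reproduced on this page.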