[tcpm] Re: draft-ietf-tcpm-tcp-ao-algs
Eric Biggers <ebiggers@google.com> Mon, 01 June 2026 18:30 UTC
Return-Path: <ebiggers@google.com>
X-Original-To: tcpm@mail2.ietf.org
Delivered-To: tcpm@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id AC72CF8D2115 for <tcpm@mail2.ietf.org>; Mon, 1 Jun 2026 11:30:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1780338642; bh=xDhYV+BlC2aKCXecsu5qmym+L0rPjbqf8KK8jaXZ1mA=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=ItgfatLS6GiHSHsVuA96g2Ginit/RyPf315c2qFrCEwPShTRlc3Fneu3eU8Ooat6V D4OvvihOuFDgzKOIdQb5vzGEjaDyUdmzh0HutrIa8Sd5PIATn/Mt4xpQcuQTDXF993 PhlE5vnN8FxTiWW5oFwvGP2hox5qPAgKShSFIY2g=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -17.601
X-Spam-Level:
X-Spam-Status: No, score=-17.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=unavailable autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rII6rMyXb_nZ for <tcpm@mail2.ietf.org>; Mon, 1 Jun 2026 11:30:41 -0700 (PDT)
Received: from mail-pl1-x62d.google.com (mail-pl1-x62d.google.com [IPv6:2607:f8b0:4864:20::62d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 0AC97F8D209D for <tcpm@ietf.org>; Mon, 1 Jun 2026 11:30:14 -0700 (PDT)
Received: by mail-pl1-x62d.google.com with SMTP id d9443c01a7336-2bf20f6be6bso19735235ad.3 for <tcpm@ietf.org>; Mon, 01 Jun 2026 11:30:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20251104; t=1780338613; x=1780943413; darn=ietf.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=6Sfdx14sYUCrdIZjdr/GdeP43bZO6HdaSPKfYnhf8Y8=; b=tBqwY7PCnt21GpgfqLh3ZXbR7OiRHc1g7EKi0gMw4HwzF1XsbOEV4T14GH3FgIbCRO xGCA6CxlfUhmVlbShzW4qARxP8cf5yTjCR/SidQoGxx70V9cm2E8MEHnZvhfTz9dBCg+ tecj3ZNyf+b6+Ps/7MUnsDkoROInClZpt2zyVuoVsH7GKzZZLvPYe4N5SLJ9SyO93aIk nbKwx/Fz4wO2pakHpvX4a2BzH040IYXxSIhEBDPYW2VTICRpRkjXoHszvQtAbNroa4LB 7Ecu6Mr+zCGZtocy9c4nYAwlVhyYEMFi2K5cZqzVbNZiDMDU1AfrxfrMn9O5KUQqFa+U 1KQw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1780338613; x=1780943413; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-gg:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=6Sfdx14sYUCrdIZjdr/GdeP43bZO6HdaSPKfYnhf8Y8=; b=oa2eMf9ACcsAocy04E6UnsJeOZdANdl17Hkj4kYSiqBN5CYQeSRIV1t1/4gSFVkBFn A+XVDGmYKNqYhoez7ckaDLMMHMJ0jD6+f8UN4/0bQEjE+G/8/BFeXQp2OLNJj7bbioaJ mzTu7EGHenloWh6J8AfVV7Jia8TLGQMoBj1/Ssyf33mi3nsio2Lh7diEAgzamF/XtGcv Fk7IK9Pfkb6QSIinj2vFty04PSCkl+q3mJbFKXfboBrtuF0/CK1pjSBrfXb+xSk7579d hhWR+Pay+BOCxUJbBCGlGy43+JWagTaeAYg5A4gxdWnlhx2KK7GL7leGg+NlyiGVez8H x1rg==
X-Gm-Message-State: AOJu0YxlYzOFiUHvC4+mJlJpBfvIDGkwAmgnCHTOSLyULuhlG0MOABqb 8utVoiy0YmdUFqQMuMI0wKOUvhV7sLptmZjNrz/2aBx8isdVWKJRK/RrO9tzVb/RJUfqbp+KM+e lM+WJGg==
X-Gm-Gg: Acq92OGXt5Vi419ptPrBLU4iDd4VsWubI8ydoDA3Wm+LY33PPoJUhsoQjhxMChN84tf 8gx9X0I4HlVzCl1Z9LR8z82HAiM9408QSW6S4Xvtdv+lFUjKGc7uJXh1x6eHHm9A9v0ED52xtWM nWi5jFfCzKU2o99tcy1d/jWnHkbahpRULcRJgdrJB9nOeUPdcbW/Gv//PcWKSK3JvACve5iZHAn zwd4/IGcCSmwiNx2m8JTwp5qL4c94/n6bimO7toqeJHcQR7j6RkdIWHMjkFGYTLV0zUTuXoAPTP e9iX2QUtduvC3jchKTlUIk9bdA/wWaVoY9tGr6znKwjfCAZpETVTVU73lXIbDxDpWCCzMaOr9Jc vtWere361vlYhESVg3JOpP3ExMnnNWC0Olau919EDLkTspIu3/JFdyBjbpXQ1lLnFlRHjumZIS8 LVbCNDJ8RajuCaedqnvHJdG8nWAGaO7iCEaofYkppi0KkOUdTmD2Wz9Q5Yx/flLJxW5wOMf+Z9Y Q==
X-Received: by 2002:a17:902:d2cd:b0:2c0:ab82:6b99 with SMTP id d9443c01a7336-2c0ab826c73mr112203645ad.33.1780338612427; Mon, 01 Jun 2026 11:30:12 -0700 (PDT)
Received: from google.com (160.79.125.34.bc.googleusercontent.com. [34.125.79.160]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2bf23b001a8sm114260125ad.40.2026.06.01.11.30.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 01 Jun 2026 11:30:11 -0700 (PDT)
Date: Mon, 01 Jun 2026 18:30:07 +0000
From: Eric Biggers <ebiggers@google.com>
To: "Bonica, Ron" <ronald.bonica=40hpe.com@dmarc.ietf.org>
Message-ID: <20260601183007.GA1222704@google.com>
References: <DM4PR84MB2310862C35952E1CA1580D6EF4092@DM4PR84MB2310.NAMPRD84.PROD.OUTLOOK.COM> <DM4PR84MB23104784C76B96385E84E985F4092@DM4PR84MB2310.NAMPRD84.PROD.OUTLOOK.COM> <20260529012756.GA11685@google.com> <DM4PR84MB2310809E3A97FD4FCF2C5DDCF4162@DM4PR84MB2310.NAMPRD84.PROD.OUTLOOK.COM>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <DM4PR84MB2310809E3A97FD4FCF2C5DDCF4162@DM4PR84MB2310.NAMPRD84.PROD.OUTLOOK.COM>
Message-ID-Hash: 7NQC6Z5WBFQUM5XURAES22NNAP4VLJHG
X-Message-ID-Hash: 7NQC6Z5WBFQUM5XURAES22NNAP4VLJHG
X-MailFrom: ebiggers@google.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tcpm.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: tcpm IETF list <tcpm@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [tcpm] Re: draft-ietf-tcpm-tcp-ao-algs
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/bSgICW5ZkHgjhZLoVa7xOGpG8LU>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Owner: <mailto:tcpm-owner@ietf.org>
List-Post: <mailto:tcpm@ietf.org>
List-Subscribe: <mailto:tcpm-join@ietf.org>
List-Unsubscribe: <mailto:tcpm-leave@ietf.org>
On Fri, May 29, 2026 at 10:10:51PM +0000, Bonica, Ron wrote: > Eric, > > Thanks for the careful review. I have just posted a new version and hope that it addresses all your concerns. > > Please take a close look at Section 3.2.2. Spending an afternoon with SP 800-56C Revision 2 has left me cross-eyed and perspiring ;-) Shouldn't there be an appendix with test vectors for the KDFs? That would be helpful for implementers to test that they implemented them correctly. There should be a citation to https://doi.org/10.6028/NIST.SP.800-185 for the definition of KMAC256. Overall, I think there are still opportunities to present the information in a more straightforward way, especially when defining the KDFs. For example, both of the new KDFs are used only to generate 32 bytes of output. Yet, the text has generic language like "L is the Output_length argument provided to the KDF interface divided by 8" and "The output key length depend on the specific cryptographic algorithms for which the keys are needed." So the reader then has to refer to other parts of the text to find that actually L is just 32. I guess the intent was to logically decouple the KDFs from the MAC algorithms. But that doesn't reflect the reality where they are indeed coupled so that the KDF and MAC use consistent algorithms. - Eric
- [tcpm] draft-ietf-tcpm-tcp-ao-algs Bonica, Ron
- [tcpm] Re: draft-ietf-tcpm-tcp-ao-algs Bonica, Ron
- [tcpm] Re: draft-ietf-tcpm-tcp-ao-algs Eric Biggers
- [tcpm] Re: draft-ietf-tcpm-tcp-ao-algs Bonica, Ron
- [tcpm] Re: draft-ietf-tcpm-tcp-ao-algs Eric Biggers
- [tcpm] Re: draft-ietf-tcpm-tcp-ao-algs Bonica, Ron