[TLS] [Errata Held for Document Update] RFC7905 (5251)
RFC Errata System <rfc-editor@rfc-editor.org> Mon, 18 March 2024 04:04 UTC
Return-Path: <wwwrun@rfcpa.amsl.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 46CFCC14F6BE; Sun, 17 Mar 2024 21:04:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.658
X-Spam-Level:
X-Spam-Status: No, score=-6.658 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.249, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MJVGu6ckm-Rt; Sun, 17 Mar 2024 21:03:56 -0700 (PDT)
Received: from rfcpa.amsl.com (rfcpa.amsl.com [50.223.129.200]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 48A57C14F6BD; Sun, 17 Mar 2024 21:03:56 -0700 (PDT)
Received: by rfcpa.amsl.com (Postfix, from userid 499) id 29663202B6; Sun, 17 Mar 2024 21:03:56 -0700 (PDT)
To: xavier.bonnetain@inria.fr, agl@google.com, wtc@google.com, nmav@redhat.com, joachim@secworks.se, simon@josefsson.org
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: paul.wouters@aiven.io, iesg@ietf.org, tls@ietf.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20240318040356.29663202B6@rfcpa.amsl.com>
Date: Sun, 17 Mar 2024 21:03:56 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/f4MmNGJ7_WH14O7Pj6qEg2lZEdw>
Subject: [TLS] [Errata Held for Document Update] RFC7905 (5251)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Mar 2024 04:04:01 -0000
The following errata report has been held for document update for RFC7905, "ChaCha20-Poly1305 Cipher Suites for Transport Layer Security (TLS)". -------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid5251 -------------------------------------- Status: Held for Document Update Type: Technical Reported by: Xavier Bonnetain <xavier.bonnetain@inria.fr> Date Reported: 2018-02-01 Held by: Paul Wouters (IESG) Section: 4. Security Original Text ------------- Poly1305 is designed to ensure that forged messages are rejected with a probability of 1-(n/2^107), where n is the maximum length of the input to Poly1305. In the case of (D)TLS, this means a maximum forgery probability of about 1 in 2^93. Corrected Text -------------- Poly1305 is designed to ensure that forged messages are rejected with a probability of 1-(n/2^106), where n is the maximum length of the input to Poly1305. In the case of (D)TLS, this means a maximum forgery probability of about 1 in 2^92. Notes ----- The security claimed on poly1305 is slightly beyond what was proven by the designer (see https://cr.yp.to/mac/poly1305-20050329.pdf), and the trivial forgery attempt with a message of length 1 succeeds with probability 2^{-106}. Paul Wouters(AD): See https://mailarchive.ietf.org/arch/msg/tls/dBMIsLsaA7XevXpd9hzJ6skMqE4/ -------------------------------------- RFC7905 (draft-ietf-tls-chacha20-poly1305-04) -------------------------------------- Title : ChaCha20-Poly1305 Cipher Suites for Transport Layer Security (TLS) Publication Date : June 2016 Author(s) : A. Langley, W. Chang, N. Mavrogiannopoulos, J. Strombergson, S. Josefsson Category : PROPOSED STANDARD Source : Transport Layer Security Stream : IETF Verifying Party : IESG
- [TLS] [Errata Held for Document Update] RFC7905 (… RFC Errata System