[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

response to Last Call on: IP Authentication using Keyed MD5



Now that it may finally be on the table to do something about
draft-ietf-ipsec-ah-md5-03.txt
I would like to remind this community that not only
should the MAC be defined independent of
its intended use, so too should the encryption transform.
I did this two months ago
(Internet Draft draft-rogaway-cbc-encrypt-00.txt -- the suggested
replacement to what is now draft-ietf-ipsec-esp-des-cbc-04.txt).
I received 0 (zero) comments on this work, and the revised IPSEC
document (draft-ietf-ipsec-esp-des-cbc-04.txt) was non-responsive.
This despite the fact that not only
is the transform in draft-ietf-ipsec-esp-des-cbc-04.txt
intertwined with its use, but its description has at least two
major technical errors.  These were already pointed out in earlier notes:
incorrectly asserting that the mechanism provides integrity,
and incorrectly stating that a counter provides as an acceptable IV.



Phil Rogaway