[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Comments on AH and ESP drafts
At 07:22 PM 10/17/97 -0400, Stephen Kent wrote:
[big snip]
>>5. Section 3.4.5, bullet item 2: if the receiver knows what the
>>padding values will be (e.g. the WK padding is used), the receiver
>>may check the padding values instead of simply ignoring them.
>>Someone argued that using a WK padding scheme would help to
>>check for decryption failures.
>
>I think the agreement has been that checking for WK padding was optional at
>the receiver. We didn't require checking as that really is not a
>decryption failure but rather a (generally weak) form of integrity
>checking. Since we have an explicit integrity/authentication facility, the
>WG wanted to downplay the use of this field for that purpose. We can
>revise the text in this bullet to state that inbound processing of the
>padding is specific to the encryption algorithm spec, instead of just
>calling for the padding to be removed.
If the ESP draft is changed to state that "...inbound processing of the
padding is specific to the encryption algorithm spec", then I suggest that,
like padding values themselves, the default inbound processing remains in
the ESP draft and allows alternate inbound processing that can be specified
in the encryption algorithm specs; otherwise the algorithm specs will have
to be updated to be explicit about the way they handle padding on receipt.
Regardless, the handling of padding MUST be tied to the encryption
algorithm as that is the only method that both parties know what to do
(unless an ISAKMP "padding handling" attribute were to be added created;
NOT something I'm suggesting).
-Bob
References: