• Revised I-D Needed - Issue raised by WG
  • Awaiting Expert Review/Resolution of Issues Raised
  • Awaiting External Review/Resolution of Issues Raised
  • Awaiting Merge with Other Document
  • Author or Editor Needed
  • Waiting for Referenced Document
  • Waiting for Referencing Document
  • Revised I-D Needed - Issue raised by WGLC
  • Revised I-D Needed - Issue raised by AD
  • Revised I-D Needed - Issue raised by IESG
  • Doc Shepherd Follow-up Underway
  • Other - see Comment Log

IETF :: krb-wg

Current state: Submitted to IESG for Publication

Viewing the last 20 entries. Show full log.

2012-11-20 00:23 (System)

RFC published

2012-10-09 12:06 (System)

IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor

2012-10-04 13:09 (System)

IANA Action state changed to Waiting on RFC Editor from Waiting on Authors

2012-10-03 13:23 (System)

IANA Action state changed to Waiting on Authors from In Progress

2012-10-03 12:20 Amy Vezza

State changed to RFC Ed Queue from Approved-announcement sent

2012-10-03 11:43 (System)

IANA Action state changed to In Progress

2012-10-03 07:04 Amy Vezza

State changed to Approved-announcement sent from Approved-announcement to be sent::Point Raised - writeup needed

2012-10-03 07:04 Amy Vezza

IESG has approved the document

2012-10-03 07:04 Amy Vezza

Closed "Approve" ballot

2012-10-03 07:04 Amy Vezza

Ballot approval text was generated

2012-10-03 07:03 Amy Vezza

Ballot writeup was changed

2012-10-02 03:36 Stephen Farrell

Ballot writeup was changed

2012-10-01 12:59 Greg Hudson

New revision available

2012-09-27 10:00 Cindy Morgan

State changed to Approved-announcement to be sent::Point Raised - writeup needed from IESG Evaluation

2012-09-27 07:45 Gonzalo Camarillo

[Ballot Position Update] New position, No Objection, has been recorded for Gonzalo Camarillo

2012-09-27 07:26 Sean Turner

[Ballot comment]
From the secdir review:

As noted by Russ: is it random-to-key or random2key in s3/4?

In s4, please reference section 6 for random-to-key and RFC 3961 for k-truncate as well

In s3, what's the format for the string-to-key.

Encryption and decryption description in section 6 seems a little incomplete. In particular the setting of newstate seems to be missing in the encryption. In the decryption perhaps you should define how newIV is determined.

2012-09-27 07:26 Sean Turner

[Ballot Position Update] Position for Sean Turner has been changed to No Objection from No Record

2012-09-27 04:15 Adrian Farrel

[Ballot comment]
I've cleared my Discuss after reading email from Ken Raeburn as designated expert.

However, Ken made a number of comments (captured below) that you may want to consider for a revised version...

> It might help to explicitly call out RFC3962 as the reference
> to use for the CTS description in section 6 where "CBC-CTS mode"
> is mentioned, as a couple different approaches have been discussed
> for handling the case where the plain text is a multiple of the
> block size. (Do you swap the last cipher text blocks for
> consistency with the non-multiple case regardless of how full the
> last block is, or is the "stealing" only a fix for handling non-
> multiple cases and normal CBC should be used otherwise? We went
> with always swapping, as done in RFC 2040 as well.) My vague
> recollection is that it wasn't always clear from the various
> descriptions of CTS that you could find on the net at the time
> which way it should go, but I haven't looked into the matter in a
> long time. It's probably best to discourage the reader from going
> and looking up CTS definitions from other, vague sources and
> possibly drawing different conclusions; if we want them to do the
> same as we do for AES, just point them at the AES spec. The only
> other link between CTS as used here and RFC 3962 is in the
> introduction where the AES encryption types are mentioned, which
> may not be a strong enough link.
>
> Just adding "[RFC3962]" after the first use of "CBC-CTS mode" there
> should be adequate.
>
> That's the only thing I'd bring up with my designated-expert hat on
> -- a minor issue of clarity and interoperability, and I could
> possibly be convinced that it's clear enough already.
>
> But as long as I'm going over the document, a couple of very minor
> editorial points:
>
> Section 6 is called "Kerberos Algorithm Protocol Parameters" and
> section 7 is called "Checksum Parameters", but both are for Kerberos,
> and the first is for an encryption algorithm specifically. I'd
> suggest using something like "Encryption Algorithm Parameters"
> (dropping "protocol" too) and "Checksum Algorithm Parameters",
> perhaps with "Kerberos" on the front of both, or not...
>
> Appendix A has the "author" (singular) acknowledging people for
> reviews and feedback but no contributions of text, and in the
> Author's Address section, Greg is listed as "editor" and no other
> names are given. Is Greg the only author, in which case he doesn't
> need to be describe as "editor"? Should some people be acknowledged
> for text contributions too?

2012-09-27 04:15 Adrian Farrel

Ballot comment text updated for Adrian Farrel

2012-09-27 04:10 Adrian Farrel

[Ballot comment]
I've cleared my Discuss after reading email from Ken Raeburn as designated expert.

However, Ken made a number of comments (capturedbelow)that you may want to consider for a revised version...

> It might help to explicitly call out RFC3962 as the reference to use for the CTS
> description in section 6 where "CBC-CTS mode" is mentioned, as a couple
> different approaches have been discussed for handling the case where the plain
> text is a multiple of the block size. (Do you swap the last cipher text blocks for
> consistency with the non-multiple case regardless of how full the last block is, or
> is the "stealing" only a fix for handling non-multiple cases and normal CBC should
> be used otherwise? We went with always swapping, as done in RFC 2040 as
> well.) My vague recollection is that it wasn't always clear from the various
> descriptions of CTS that you could find on the net at the time which way it should
> go, but I haven't looked into the matter in a long time. It's probably best to
> discourage the reader from going and looking up CTS definitions from other,
> vague sources and possibly drawing different conclusions; if we want them to do
> the same as we do for AES, just point them at the AES spec. The only other link
> between CTS as used here and RFC 3962 is in the introduction where the AES
> encryption types are mentioned, which may not be a strong enough link.
>
> Just adding "[RFC3962]" after the first use of "CBC-CTS mode" there should be
> adequate.
>
> That's the only thing I'd bring up with my designated-expert hat on -- a minor
> issue of clarity and interoperability, and I could possibly be convinced that it's
> clear enough already.
>
> But as long as I'm going over the document, a couple of very minor editorial
> points:
>
> Section 6 is called "Kerberos Algorithm Protocol Parameters" and section 7 is
> called "Checksum Parameters", but both are for Kerberos, and the first is for an
> encryption algorithm specifically. I'd suggest using something like "Encryption
> Algorithm Parameters" (dropping "protocol" too) and "Checksum Algorithm
> Parameters", perhaps with "Kerberos" on the front of both, or not...
>
> Appendix A has the "author" (singular) acknowledging people for reviews and
> feedback but no contributions of text, and in the Author's Address section, Greg
> is listed as "editor" and no other names are given. Is Greg the only author, in
> which case he doesn't need to be describe as "editor"? Should some people be
> acknowledged for text contributions too?

Viewing the last 20 entries. Show full log.