Using the AES-GMAC Algorithm with the Cryptographic Message Syntax (CMS)
draft-ietf-lamps-cms-aes-gmac-alg-05

Yes

Roman Danyliw

No Objection

Erik Kline
Murray Kucherawy
Éric Vyncke
(Alissa Cooper)
(Alvaro Retana)
(Barry Leiba)
(Deborah Brungard)
(Martin Duke)
(Martin Vigoureux)

Note: This ballot was opened for revision 03 and is now closed.

Roman Danyliw
Yes

Erik Kline
No Objection

Murray Kucherawy
No Objection

Warren Kumari
No Objection
Comment (2021-02-25 for -03) Not sent
Thank you - even I understood some of it :-)

Éric Vyncke
No Objection

Alissa Cooper Former IESG member
No Objection
No Objection (for -03) Not sent

Alvaro Retana Former IESG member
No Objection
No Objection (for -03) Not sent

Barry Leiba Former IESG member
No Objection
No Objection (for -03) Not sent

Benjamin Kaduk Former IESG member
No Objection
No Objection (2021-02-23 for -03) Sent
Section 7

   Implementers should be aware that cryptographic algorithms become
   weaker with time.  As new cryptanalysis techniques are developed and
   computing performance improves, the work factor to break a particular
   cryptographic algorithm will reduce.  Therefore, cryptographic
   algorithm implementations should be modular allowing new algorithms
   to be readily inserted.  That is, implementers should be prepared to
   regularly update the set of algorithms in their implementations.

I think that BCP 201 is a good reference for further reading here.

Section 8.2

If we're importing ASN.1 bits from RFC 5912, doesn't that make it a
normative reference?

Deborah Brungard Former IESG member
No Objection
No Objection (for -03) Not sent

Magnus Westerlund Former IESG member
No Objection
No Objection (2021-02-25 for -03) Sent
Should there be any comments in the security consideration section about the security implications of using 96-bit truncated tags? 

I know that shorter tags have significant vulnerabilities against forgery attempts where successful forgery can be detected. John Mattsson and I wrote a paper identifying why shorter tags would be very bad in SRTP in 2015. https://eprint.iacr.org/2015/477.pdf

I guess the possibility to figure out if CMS forgery attempts are successful depends on what the CMS is used for.

Martin Duke Former IESG member
No Objection
No Objection (for -03) Not sent

Martin Vigoureux Former IESG member
No Objection
No Objection (for -03) Not sent

Robert Wilton Former IESG member
No Objection
No Objection (2021-02-23 for -03) Not sent
Easy to read and understand.  Thank you.