Last Call Review of draft-ietf-avt-seed-srtp-
review-ietf-avt-seed-srtp-secdir-lc-canetti-2009-06-05-00
| Request | Review of | draft-ietf-avt-seed-srtp |
|---|---|---|
| Requested revision | No specific revision (document currently at 14) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2009-06-02 | |
| Requested | 2009-03-06 | |
| Authors | Joongman Kim , Haeryong Park , Seokung Yoon , Hyuncheol Jeong , Yoojae Won | |
| I-D last updated | 2009-06-05 | |
| Completed reviews |
Secdir Last Call review of -??
by Ran Canetti
|
|
| Assignment | Reviewer | Ran Canetti |
| State | Completed | |
| Request | Last Call review on draft-ietf-avt-seed-srtp by Security Area Directorate Assigned | |
| Completed | 2009-06-05 |
review-ietf-avt-seed-srtp-secdir-lc-canetti-2009-06-05-00
*** I have reviewed this document as part of the security directorate's *** ongoing effort to review all IETF documents being processed by the *** IESG. These comments were written primarily for the benefit of the *** security area directors. Document editors and WG chairs should treat *** these comments just like any other last call comments. The draft describes the use of the SEED cipher (RFC 4269) within the SRTP protocol. The document is well written and thorough. I see no problems with it. My only potential concern is regarding the use of SEED itself. SEED is a cipher that's apparently very popular in Korea and less so elsewhere. While no weaknesses have been found afaik, it did not receive the level of scrutiny that AES did. Thus, the question arises whether the IETF should standardize (and thereby implicitly endorse) the use of this cipher as an alternative to AES. I personally see no problem here, as long as a security comparison is made clear in the document. Still, others may feel differently. In fact, for this purpose I cc'ed the cfrg RG on this evaluation. Best, Ran _______________________________________________ secdir mailing list secdir at mit.edu https://mailman.mit.edu/mailman/listinfo/secdir