On Wed, 19 Feb 2014 16:23:36 -0500 Benjamin Kaduk <[email protected]> wrote:
> Hi all, > > The core rxgk document (which just had a last call period) has a normative > reference to RFC 4402 for the PRF+ construction, which is an algorithm to > get variable-length pseudo-random bytestrings from the RFC 3961 enctype's > pseudo_random() function. The construction is basically just to invoke > the underlying pseudo_random() function in counter mode. > > However, there is an erratum [1] filed against RFC 4402, which notes that > the implementors of that specification for krb5 gss_pseudo_random() > started the counter at 0, even though the text of RFC 4402 mandates that > the counter start at 1. > > Because of this ambiguity about what value the counter starts at, in order > to ensure interoperability of rxgk implementations, we should note/clarify > what behavior rxgk expects. It's probably easiest to do this by noting > directly in the document, i.e., issue a new I-D with just this change. > It's my understanding that if we have agreement on the list for the > clarification, no additional last call period is necessary. Thanks Ben, So if I understand; This is not a change (or errata), but a clarification? The clarification is to say the RFC 4402 mandate of starting the counter at 1 is correct for afs3-rxgk (even though other impementations of 4402 start at 0)? Can you suggest the correct wording? > > It doesn't really matter whether rxgk starts at 0 or 1, it's just an > arbitrary choice and we have to pick one to ensure interoperability. > There's some argument for starting at 0, in that we'll be doing the same > thing as krb5. However, the krb5 libraries only export the RFC 4402 > functionality as the gss routine, which requires a GSS security context in > order to be called. Thus, rxgk implementations would not be able to > easily share code with krb5 implementations for this matter. I have an > implementation of this PRF+ in OpenAFS gerrit for review; it's about 70 > lines of code. The argument for starting at 1 is that we're citing RFC > 4402 for the construction, and the actual text of RFC 4402 is to start at > 1. Entries in the RFC series should never change, so citing RFC 4402 as a > normative reference means just that -- use the text that is there, not > some edited version from an erratum. > > Does anyone have an opinion that might sway us to one side or the other? > > -Ben > > [1] http://www.rfc-editor.org/errata_search.php?rfc=4402 > _______________________________________________ > AFS3-standardization mailing list > [email protected] > http://lists.openafs.org/mailman/listinfo/afs3-standardization -- Michael Meffie <[email protected]> _______________________________________________ AFS3-standardization mailing list [email protected] http://lists.openafs.org/mailman/listinfo/afs3-standardization
