On Mon, 28 Aug 2023 at 13:25, Alexander Clouter <[email protected]> wrote:
> On Sun, 27 Aug 2023, at 18:16, Heikki Vatiainen wrote: > > > https://github.com/emu-wg/rfc7170bis/pull/27 > > > > Alex, please comment. I've discussed this with a colleague and we think > the > > current draft would break compatibility with the existing > implementations. > > Your change describes what I implemented for FreeRADIUS. > > The previous text was wrong. I agree with your amendment. > > Great catch, the other crucial goal of 7170bis was to clear up all the > crypto greyness Journi flagged through all those errata queries. > The diff tool Michael mentioned earlier is very useful. I noticed the difference when I was going through the changes between RFC 7170 and the current draft. The reason why that wasn't noticed earlier is that our implementation was based on RFC 7170. Because the IMSK calculation from EMSK and MSK was not supposed to be changed (apart from the case where the MSK is not available), the small changes in done in January were overlooked as editorial as opposed to functional. Related to EMSK, https://www.ietf.org/archive/id/draft-ietf-emu-rfc7170bis-13.html#name-intermediate-compound-key-d the 3rd paragraph currently says: If an inner method supports export of an Extended Master Session Key > (EMSK), then the IMSK SHOULD be derived from the EMSK as defined in > [RFC5295]. Why the SHOULD? If something else is done, how could it work with other implementations? -- Heikki Vatiainen [email protected]
_______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
