[IPsec] Fwd: [Technical Errata Reported] RFC4543 (3643)

Mon, 12 Aug 2013 13:44:51 -0700 

Thoughts?

spt

-------- Original Message --------
Subject: [Technical Errata Reported] RFC4543 (3643)
Date: Thu,  6 Jun 2013 11:40:42 -0700 (PDT)
From: RFC Errata System <[email protected]>
To: [email protected], [email protected], [email protected]
CC: [email protected], [email protected]

The following errata report has been submitted for RFC4543,
"The Use of Galois Message Authentication Code (GMAC) in IPsec ESP and AH".

--------------------------------------
You may review the report below and at:
http://www.rfc-editor.org/errata_search.php?rfc=4543&eid=3643

--------------------------------------
Type: Technical
Reported by: Michael Bowler <[email protected]>

Section: 4

Original Text
-------------
   In AUTH_AES_GMAC, the AH Authentication Data field consists of the IV
   and the Authentication Tag, as shown in Figure 5.  Unlike the usual
   AH case, the Authentication Data field contains both an input to the
   authentication algorithm (the IV) and the output of the
   authentication algorithm (the tag).  No padding is required in the
   Authentication Data field, because its length is a multiple of 64
   bits.

Corrected Text
--------------
   In AUTH_AES_GMAC, the AH Authentication Data field consists of the IV
   and the Authentication Tag, as shown in Figure 5.  Unlike the usual
   AH case, the Authentication Data field contains both an input to the
   authentication algorithm (the IV) and the output of the
   authentication algorithm (the tag).  In IPv6, padding of 4 octets is
   required to bring the AH header to a multiple of 64-bits.  No padding
   is required for IPv4.

Notes
-----
The original text fails to consider the rest of the AH header which is 12 octets plus the authentication data field. 

Instructions:
-------------
This errata is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party (IESG)
can log in to change the status and edit the report, if necessary.

--------------------------------------
RFC4543 (draft-mcgrew-aes-gmac-esp-02)
--------------------------------------
Title : The Use of Galois Message Authentication Code (GMAC) in IPsec ESP and AH 
Publication Date    : May 2006
Author(s)           : D. McGrew, J. Viega
Category            : PROPOSED STANDARD
Source              : IETF - NON WORKING GROUP
Area                : N/A
Stream              : IETF
Verifying Party     : IESG




_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec






















					Reply via email to