t.petch wrote on 12.08.2014 10:43: > However, I am aware of > https://datatracker.ietf.org/doc/draft-hartman-snmp-sha2/ > which looks remarkable similar in scope but different in detail.
We were not aware of this draft. Indeed, at first glance it seems quite similar. Apart from formal (e.g. missing code point request, descriptions of MIB module and relationship to other MIB modules, and security considerations) and editorial aspects (our description seems more aligned with RFC 3414), I spotted the following major differences - draft-hartman-snmp-sha2 defines 3 protocols whereas our draft defines 6 protocols - draft-hartman-snmp-sha2 does not use any HMAC truncation, whereas in our draft, all HMACs are truncated. (For a discussion of HMAC truncation see our security consideration) - in draft-hartman-snmp-sha2, the length of the authentication key K is only a SHOULD, while in our draft it is fixed. - our draft defines methods for key localization and key change using the same hash function as the authentication protocol. > its distinguished list of editors. Any ideas what their intentions are? > I have no clue. Johannes > > Tom Petch > > ----- Original Message ----- > From: "Warren Kumari" <[email protected]> > To: "[email protected]" <[email protected]>; > <[email protected]> > Sent: Monday, August 11, 2014 10:28 PM > Subject: [OPSAWG] Call for Adoption: draft-hmac-sha-2-usm-snmp > > >> Dear OpsAWG WG, >> >> This starts a Call for Adoption for draft-hmac-sha-2-usm-snmp. >> >> The draft is available here: >> https://datatracker.ietf.org/doc/draft-hmac-sha-2-usm-snmp/ >> >> Please review this draft to see if you think it is suitable for >> adoption by OpsAWG, >> and comments to the list, clearly stating your view. >> >> Please also indicate if you are willing to contribute text, review, > etc. >> >> This call for adoption ends Mon 25-Aug-2014. >> >> In addition, to satisfy RFC 6702 ("Promoting Compliance with >> Intellectual Property Rights (IPR)"): >> If you are personally aware of any IPR that applies to >> draft-hmac-sha-2-usm-snmp, has this IPR been disclosed in compliance >> with IETF IPR rules? (See RFCs 3979, 4879, 3669, and 5378 for more >> details.) >> >> >> >> Thanks, >> Warren Kumari >> (as OpsAWG WG co-chair) >> >> _______________________________________________ >> OPSAWG mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/opsawg > > _______________________________________________ > OPSAWG mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/opsawg > -- Mit freundlichen Grüßen, Dr. Johannes Merkle Principal Beratung, Elektronische Identitäten Public Sector secunet Security Networks AG Mergenthaler Allee 77 65760 Eschborn Germany Telefon +49 201 54 54-3091 Telefax +49 201 54 54-1325 Mobil +49 175 2224439 [email protected] www.secunet.com _______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
