Eric, I agree that we should stick on A. However, it is that obvious from the current RFC 3791. Clarification/update will help on this.
Sheng > -----Original Message----- > From: Eric Levy-Abegnoli [mailto:[email protected]] > Sent: Thursday, September 17, 2009 3:55 PM > To: Sheng Jiang > Cc: 'Arnaud Ebalard'; 'wdwang'; [email protected] > Subject: Re: [CGA-EXT] SEND checksum issue in current RFC > 3791 - update needed > > Sheng, > Currently, I see onle one possibility, which is A. It is > un-ambiguously specified in rfc3971. And it has been > implemented by multiple vendors. Moving to B would not be > backward compatible and would create inter-operability issues. > Eric > > Sheng Jiang a écrit : > > Hi, Arnaud, > > > > Yes, it is an issue must be clearly clarified in the specification. > > Actually, there are two possibility here (which makes more > important > > that specification should be clearly follow only one of them): > > > > A, if we would like to follow the drscription in Section 5.2.1 RFC > > 3791, the input of RSA signature should be a checksum calculated > > without RSA signature and it will be recalculated after signature > > attached. On the receiver side, ICMP checksum should be validated, > > then signature validate, then maybe checksum validate again. > > > > B, more efficiently, on the sender side, as you said, the > input of RSA > > signature should be a checksum with all 0, and after signature > > attached, the checksim is computed over the whole packet. However, > > this makes the signature over checksum totally meaningless. > > Alternatively, we may take checksum bits out from the RSA > signature input. > > > > Additionally, there are intercommunication issues if a sender use A > > implementation and a receiver uses B implementation. > > > > Sum up, an update over the current definition RFC 3791 is needed on > > this issue. > > > > Cheers, > > > > Sheng > > > > > >> -----Original Message----- > >> From: Arnaud Ebalard [mailto:[email protected]] > >> Sent: Thursday, September 17, 2009 2:02 PM > >> To: Sheng Jiang > >> Cc: [email protected]; 'wdwang' > >> Subject: Re: [CGA-EXT] SEND checksum issue in current RFC > >> 3791 - update needed > >> > >> Hi, > >> > >> Sheng Jiang <[email protected]> writes: > >> > >> > >>> During our implementation of SEND & CGA, we discovered an > >>> > >> issue in the > >> > >>> current RFC 3791, described as the following. An update is > >>> > >> needed to > >> > >>> solve this issue. > >>> > >>> Checksum issue in the current SEND definition RFC 3791. > >>> > >>> In Section 5.2, RFC3791, digital signature is defined to > sign data > >>> include checksum fieds from ICMP header (bullet item 4), > >>> > >> which should > >> > >>> already be calculated during the construction of message > (the first > >>> step in Section 5.2.1). After RSA signature is attached, > >>> > >> the original > >> > >>> checksum value is no longer valid. It should be > >>> > >> recalsulated. However, > >> > >>> this was not clearly defined in RFC 3791. More importantly, the > >>> correspondent validation rule must be defined on the > >>> > >> receiver side too. > >> > >> I already reported that same issue some time ago and the > good way to > >> understand the spec is to compute the signature over the > packet with > >> the checksum field to 0. Then, the checksum is computed over the > >> whole packet. But I agree that the spec is unclear on that. > >> > >> See my post and Eric's reply here: > >> > >> > http://www.ietf.org/mail-archive/web/cga-ext/current/msg00098.html > >> > >> Cheers, > >> > >> a+ > >> > > > > _______________________________________________ > > CGA-EXT mailing list > > [email protected] > > https://www.ietf.org/mailman/listinfo/cga-ext > > > > > _______________________________________________ CGA-EXT mailing list [email protected] https://www.ietf.org/mailman/listinfo/cga-ext
