> -----Original Message----- > From: [email protected] [mailto:[email protected]] On > Behalf Of Robert Moskowitz > Sent: Wednesday, October 30, 2013 7:22 AM > To: HIP > Subject: [Hipsec] Adding CMAC and GMAC to 5202-bis > > We added the 'modern' modes: CCM and GCM to 5202-bis, but left out the > authentication only modes. Thus I propose adding to sec 5.1.2: > > AES-CMAC-96 14 [RFC4493], [RFC4494] > AES-GMAC 15 [RFC4543] > > If you have CCM in your implementation, it makes sense to offer CMAC, > and likewise GCM/GMAC. > > If there is no down votes on this, Tom said he would add them.
I will plan to add these on Friday if there are no further comments. > > > There is JUST one MINOR point about manditory to implement, also in sec > 5.1.2. > > Keep it as is, or change it two either CCM or GCM? I can argue this > all ways around. I suspect that sensor implementations may well ignore > the manditory and just do CCM. > I will keep as is in the next revision, unless there is support voiced for changing it. Current statement is: Mandatory implementations: AES-128-CBC with HMAC-SHA-256 and NULL with HMAC-SHA-256. Rene also pointed out in his reviews that the current spec set may need to be slightly modified to accommodate sensor requirements, but I believe that we decided to leave those for further study/specification. - Tom _______________________________________________ Hipsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/hipsec
