Thanks for your very, very quick review! On the one open item for discussion, Message-ID, I would offer (1) it is not a do-or-die situation but that (2) using a cryptographically secure random number generator. achieves the same result with better properties. Again, I will defer back to you: I know the work group will push back strong if a cryptographically secure random number generator is a resource hog.
Are there memory / CPU efficient cryptographically secure random number generators? Should we give guidance to the range of numbers (i.e., 32-bits, 512-bits, 6 digits, etc.)? On May 14, 2008, at 11:42 PM, Eric Rescorla wrote: > At Wed, 14 May 2008 12:20:21 +0800, > Eric Burger wrote: >> >> Inline >> >> On May 4, 2008, at 5:12 AM, Eric Rescorla wrote: [snip] >>> S 7.1.1.1. Why does Message-ID need any randomness at all as >>> opposed >>> to uniqueness? And if it needs randomness, why is 32 enough? >> >> The randomness property makes it more difficult for malicious nodes >> guessing Message-IDs and thus being able to pass IMDNs through >> filtering mechanisms. >> >> IYHO, is 32-bits enough? You're the expert; I'm just guessing! > > So, unsurprisingly, it depends. > > Is your mental model that you have a list of n valid message-ids > "outstanding" at once and you want the probability of an attacker > guessing one to be sufficiently small? With a 32-bit space, > the chance is n/2^32. So, if you're just treating this as a > sort of spam filter, then it's probably fine. But if a single > bad message getting through is fatal, then, no, it's not. > > The other thing I would say is that if you want ids to be > unguessable, then you probably want to say that they should > be generated with a cryptographically secure random number > generator. There are lots of PRNGs that produce uniform distributions > but that are predictable and that won't do here, right? _______________________________________________ IETF mailing list IETF@ietf.org https://www.ietf.org/mailman/listinfo/ietf
