I have performed a detailed editorial review of
draft-kanno-ipsecme-camellia-xcbc-01
and sent it off-list to the authors.
However, there seems to be a more fundamental strategic question:
Per the standardization of CMAC in NIST SP 800-38B,
the original XCBC enhancement to CBC-MAC seems to be
less interesting from a standardization point of view.
(CMAC is a improved refinement of XCBC-MAC, originally
published as OMAC / OMAC1 -- see the explanation in the
Introduction of NIST SP 800-38B.)
For AES as the underlying block cipher, use of CMAC with IPsec
and IKE already has been specified (in RFCs 4494 and 4615,
respectively), and the promoters of Camellia have a similar
draft as well (draft-kato-ipsec-camellia-cmac96and128).
For interoperability purposes, it is important to not let
the IPsec/IKE algorithm portfolio grow unnecessarily.
So I suggest to consider in general whether:
a) XCBC should be used in new specifications, and/or
b) the existing XCBC specifications for IPsec might
be demoted or even deprecated, and/or
c) CMAC use should be promoted in its support requirement level.
All related RFCs appear in draft-ietf-ipsecme-roadmap, which
thus might be affected by the outcome of any new recommendations.
Kind regards,
Alfred Hönes.
--
+------------------------+--------------------------------------------+
| TR-Sys Alfred Hoenes | Alfred Hoenes Dipl.-Math., Dipl.-Phys. |
| Gerlinger Strasse 12 | Phone: (+49)7156/9635-0, Fax: -18 |
| D-71254 Ditzingen | E-Mail: a...@tr-sys.de |
+------------------------+--------------------------------------------+
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
