On Friday, January 20, 2012 10:57:59 AM SM wrote: > Hi Scott, > > At 10:34 20-01-2012, Scott Kitterman wrote: > >If this issue, AIUI, is that someone is worried that later this will be > >referenced in an inappropriate way, I'm not sure what would satisfy that. > >I think it's already clear. > > I don't think so. One of the points mentioned by Murray [1] was: > > "the concern is that doing something like this on the standards > track might lead future efforts to believe this mechanism is > sufficient for arbitrary data protection when it is not." > > One of the questions asked by the Responsible AD [2] was: > > "why there is any objection to doing HMAC (since it isn't hard to do)?" > > The text from the DISCUSS is: > > "I don't think that's ok. I think you want HMAC() and not H(). > > If I could supply a redactor with a zero length "private" string, > e.g. message with a header field like "To: @example.org" then the > redactor will send H(redaction-key) which can then allow (via > hash-continuation) checking if any value matches a value from an > output here. > > If the alphabet for sensitive values has N characters > then I can also send "To: "+char[i]+"@example.org" for > each i and then play the continuation game on that. > Same for two character prefixes etc. > > (2) I can also use this to validate guesses of the redaction > key value. I need to think about how one might avoid that > or if its possible to avoid that." > > Regards, > -sm > > 1. http://www.ietf.org/mail-archive/web/marf/current/msg01681.html > 2. http://www.ietf.org/mail-archive/web/marf/current/msg01691.html
Thanks for the clarification. Scott K _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
