Publication updage: two draft-standards

25 Mar 2010

As 'publications' go, this is really scraping the bottom of the barrel. Internet Drafts (such as these) are considered works-in-progress, can be submitted by anybody and their grandmother, and expire in six months. They are really, really, not considered a big deal by anyone familiar with the process. But, they have one redeeming feature: one can blog about them very quickly.

So: please allow me to announce that for reasons I cannot explain, I have submitted two Internet Drafts to the IETF:

https://datatracker.ietf.org/doc/draft-herzog-setkey/
https://datatracker.ietf.org/doc/draft-herzog-static-ecdh/

That is all.

You are not watching this post, click to start watching

Permalink |
Quote

Passive set members

Are there really passive set members in practice? One of the challenges I've had with pay-per-view streaming video is the control channel: those watching the movie want to pause, rewind, fast-forward, jump around, drag the slider... and all this has to be represented back to the server, since we neither trust the client nor consider it very bright.

Separately: if a member appears in both active and passive fields, it MUST be considered active. If most implementations consider it active, as you recommend, and a few do otherwise, I think you'll find exploitable bugs fairly quickly.

...and as to ECFH, I wish there were more to say than "use a fresh ukm for each message." I fear that small counters will come back to bite users of this system, but have no better advice to give.

Posted by Brian Sniffen on Mar 25th, 2010 at 11:26 am.

Yes, but

...If a member appears in both active and passive fields, it MUST be considered active. If most implementations consider it active, as you recommend, and a few do otherwise, I think you'll find exploitable bugs fairly quickly.

Perhaps, but the 'MUST' is pretty strong: "This word, or the terms "REQUIRED" or "SHALL", mean that the definition is an absolute requirement of the specification." [RFC 2119]. So any implementation that considers such an entity to be 'active' would be out of compliance with the spec.

Or are you suggesting that I should design the spec to minimize bugs, even in non-compliant implementations?

Posted by Jon on Mar 25th, 2010 at 6:42 pm.

Post new comment

Your name:

E-mail:

The content of this field is kept private and will not be shown publicly.

Homepage:

Comment: *

Input format

Filtered HTML

Web page addresses and e-mail addresses turn into links automatically.
Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

Full HTML

Web page addresses and e-mail addresses turn into links automatically.
Lines and paragraphs break automatically.
Use [fn]...[/fn] (or <fn>...</fn>) to insert automatically numbered footnotes.
You may quote other posts using [quote] tags.

Markdown

Web page addresses and e-mail addresses turn into links automatically.
Lines and paragraphs break automatically.
You can use Markdown syntax to format and style the text. Also see Markdown Extra for tables, footnotes, and more.

More information about formatting options

CAPTCHA

This question is for testing whether you are a human visitor and to prevent automated spam submissions. To avoid all future questions like these, please create an account for yourself.