Re: Evaluation: draft-ietf-ipsec-ciph-aes-xcbc-mac - The

["Jeffrey I. Schiller" <jis@mit.edu>]

I'll double check, but this usually isn't an issue if they provide nroff 
input to the RFC Editor...

			-Jeff

Erik Nordmark wrote:
> Thomas included text indicates that they haven't turned off hypehnation
> in the draft. That needs to be fixed before this reaches the rfc-editor.
>
>   Erik
>
>
>
> > ----- Begin Included Message -----<
>
> Date: Thu, 23 Jan 2003 12:09:43 -0500
> From: "Thomas Narten" <narten@us.ibm.com>
> Subject: Re: Evaluation: draft-ietf-ipsec-ciph-aes-xcbc-mac - The 
> To: iesg-secretary@ietf.org, iesg@ietf.org
>
> I'm a no ob, but have one nit:
>
>    tion.  The classic CBC-MAC algorithm, while secure for messages of a
>    pre-selected fixed length, has been shown to be insecure across mes-
>    sages of varying lengths such as the type found in typical IP data-
>    grams.  In fact, it is trivial to produce forgeries for a second mes-
>    sage given the MAC of a prior message.
>
> Might be good to include a reference to some of the work mentioned
> above.
>
> Thomas
>
>
> > ----- End Included Message -----<

Attachment: pgp00007.pgp
Description: PGP signature