digest-md5 issues
I talked with Paul Leach today, and he told me of the following
pending changes to digest-md5, which we'll be implementing in upcoming
versions of our library.
For integrity protection the trailer is:
MAC(Ki, SeqNum, msg) = { HMAC(Ki, (SeqNum, msg))[0..9], 0x01, SeqNum }
For confidentiality protection, the encoding will be:
{ msg, pad, HMAC, version, seq }
where msg, pad, and HMAC are encrypted, and the padding is sufficient
to make the plaintext a multiple of the block length.
The version is 0x01; the sequence number is four bytes; both are
transmitted in the clear.
Finally, we discussed realms and agreed that Pete Resnick summed up
the discussion pretty well: servers may send a list of realms, and if
they do, the client must pick one of them. If the server sends no
realms, the client may pick one (via some other agreement).
If the client sends no realm, the server assumes it's the empty
string.
Paul promises a new draft will be coming out just as soon as he can
copy and paste his entire document and the network catches up with
him. :^) (It's possible I'm confused; I'm sure the technology at
Microsoft is state-of-the-art.)
Larry
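The integrity trailer and the confidentiality plaintext layout described in the message above, worked through as an added example; this is not code from the original mail or from the library it mentions. Assumptions not stated in the mail: HMAC-MD5 as the MAC (chosen to match the mechanism name), a big-endian four-byte sequence number, a one-byte version field, a constructed key Ki, and a PKCS#5-style pad where each pad byte holds the pad length. The receiver side enforces the version, the expected sequence number (so a replayed or reordered frame is rejected) and the truncated MAC before returning the message.

```python
import hashlib
import hmac
import struct

MAC_LEN = 10           # HMAC(Ki, (SeqNum, msg))[0..9]: first ten bytes of the tag
VERSION = b"\x01"      # version 0x01, assumed to be one byte wide
SEQ_LEN = 4            # sequence number is four bytes, sent in the clear


def seq_bytes(seqnum: int) -> bytes:
    """Encode the sequence number; big-endian is an assumption."""
    return struct.pack(">I", seqnum)


def compute_mac(ki: bytes, seqnum: int, msg: bytes) -> bytes:
    """HMAC over (SeqNum, msg), truncated to ten bytes. HMAC-MD5 is assumed."""
    return hmac.new(ki, seq_bytes(seqnum) + msg, hashlib.md5).digest()[:MAC_LEN]


def wrap_integrity(ki: bytes, seqnum: int, msg: bytes) -> bytes:
    """Sender side: { msg, HMAC[0..9], 0x01, SeqNum }."""
    return msg + compute_mac(ki, seqnum, msg) + VERSION + seq_bytes(seqnum)


def unwrap_integrity(ki: bytes, expected_seq: int, frame: bytes) -> bytes:
    """Receiver side: check version, sequence number and MAC, return msg.

    The sequence-number check is what defends against replay and reordering;
    the MAC is checked in constant time so tag bytes are not leaked by timing.
    """
    trailer_len = MAC_LEN + len(VERSION) + SEQ_LEN
    if len(frame) < trailer_len:
        raise ValueError("frame shorter than trailer")
    msg = frame[:-trailer_len]
    mac = frame[-trailer_len:-trailer_len + MAC_LEN]
    version = frame[-(len(VERSION) + SEQ_LEN):-SEQ_LEN]
    (seqnum,) = struct.unpack(">I", frame[-SEQ_LEN:])
    if version != VERSION:
        raise ValueError("unsupported version")
    if seqnum != expected_seq:
        raise ValueError("unexpected sequence number (replay or reorder)")
    if not hmac.compare_digest(mac, compute_mac(ki, seqnum, msg)):
        raise ValueError("integrity check failed")
    return msg


def confidentiality_plaintext(ki: bytes, seqnum: int, msg: bytes, block_len: int) -> bytes:
    """Build { msg, pad, HMAC[0..9] }, the part that would be encrypted.

    Padding brings the plaintext to a multiple of the block length. The pad
    convention (1..block_len bytes, each holding the pad length) is assumed,
    not taken from the mail; the cipher itself is out of scope here.
    """
    pad_len = block_len - ((len(msg) + MAC_LEN) % block_len)
    pad = bytes([pad_len]) * pad_len
    return msg + pad + compute_mac(ki, seqnum, msg)


def split_confidentiality_plaintext(plaintext: bytes) -> tuple[bytes, bytes]:
    """Inverse of confidentiality_plaintext: return (msg, mac) after unpadding."""
    if len(plaintext) < MAC_LEN + 1:
        raise ValueError("plaintext too short")
    mac = plaintext[-MAC_LEN:]
    body = plaintext[:-MAC_LEN]
    pad_len = body[-1]
    if pad_len < 1 or pad_len > len(body) or body[-pad_len:] != bytes([pad_len]) * pad_len:
        raise ValueError("bad padding")
    return body[:-pad_len], mac


if __name__ == "__main__":
    # Constructed sample key and message; not values from the mail.
    ki = b"constructed-integrity-key"
    frame = wrap_integrity(ki, 0, b"hello")
    print(unwrap_integrity(ki, 0, frame))
    print(len(confidentiality_plaintext(ki, 0, b"hello", 8)))
```

Running the block prints the recovered message and the padded plaintext length (16 for a five-byte message and an eight-byte block). The receiver keeps its own expected sequence counter rather than trusting the one in the frame, so the in-frame value only selects which MAC to recompute.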