RE: digest-md5 issues

["Paul Leach (Exchange)" <paulle@xxxxxxxxxxxxxxxxxxxxxx>]

The version is 0x0001 -- i.e., two bytes, not one.

> -----Original Message-----
> From: Lawrence Greenfield [mailto:leg+@xxxxxxxxxxxxxx]
> Sent: Thursday, August 12, 1999 3:33 PM
> To: ietf-sasl@xxxxxxx
> Subject: digest-md5 issues
> 
> 
> I talked with Paul Leach today, and he told me of the following
> pending changes to digest-md5, which we'll be implementing in upcoming
> versions of our library.
> 
> For integrity protection the trailer is:
> 
> MAC(Ki, SeqNum, msg) = { HMAC(Ki, (SeqNum, msg))[0..9], 0x01, SeqNum }
> 
> For confidentiality protection, the encoding will be:
> 
> { msg, pad, HMAC, version, seq }
> 
> where msg, pad, and HMAC are encrypted, and the padding is sufficient
> to make the plaintext a multiple of the block length.
> 
> The version is 0x01; the sequence number is four bytes; both are
> transmitted in the clear.
> 
> Finally, we discussed realms and agreed that Pete Resnick summed up
> the discussion pretty well: servers may send a list of realms, and if
> they do, the client must pick one of them.  If the server sends no
> realms, the client may pick one (via some other agreement).
> 
> If the client sends no realm, the server assumes it's the empty
> string.
> 
> Paul promises a new draft will be coming out just as soon as he can
> copy and paste his entire document and the network catches up with
> him.  :^) (It's possible I'm confused; I'm sure the techology at
> Microsoft is state-of-the-art.)
> 
> Larry
>