[IPsec] [Errata Held for Document Update] RFC7634 (5441)

Sun, 10 Apr 2022 17:18:06 -0700 

The following errata report has been held for document update 
for RFC7634, "ChaCha20, Poly1305, and Their Use in the Internet Key Exchange 
Protocol (IKE) and IPsec". 

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid5441

--------------------------------------
Status: Held for Document Update
Type: Technical

Reported by: Andrew Cagney <andrew.cag...@gmail.com>
Date Reported: 2018-07-26
Held by: Paul Wouters (IESG)

Section: 4

Original Text
-------------
   When negotiating the ChaCha20-Poly1305 algorithm for use in IKE or
   IPsec, the value ENCR_CHACHA20_POLY1305 (28) should be used in the
   transform substructure of the SA payload as the ENCR (type 1)
   transform ID.  As with other AEAD algorithms, INTEG (type 3)
   transform substructures MUST NOT be specified, or just one INTEG
   transform MAY be included with value NONE (0).

Corrected Text
--------------
   When negotiating the ChaCha20-Poly1305 algorithm for use in IKE or
   IPsec, the value ENCR_CHACHA20_POLY1305 (28) should be used in the
   transform substructure of the SA payload as the ENCR (type 1)
   transform ID.
   As with other transforms that use a fixed-length key, the Key Length
   attribute MUST NOT be specified.
   As with other AEAD algorithms, INTEG (type 3)
   transform substructures MUST NOT be specified, or just one INTEG
   transform MAY be included with value NONE (0).

Notes
-----
Reading both RFC7634 and RFC7539 there seems to be a single fixed-length key of 
256-bits. 
Hence, I think https://tools.ietf.org/html/rfc7296#section-3.3.5:
   o  The Key Length attribute MUST NOT be used with transforms that use
      a fixed-length key.  For example, this includes ENCR_DES,
      ENCR_IDEA,...
applies (my intent is to clarify this).

Paul Wouters:

I agree this should be added in future versions of this document to prevent 
implementation mistakes. However, not mentioning it here is not an error, so 
resolving this as Held for Document Update.

--------------------------------------
RFC7634 (draft-ietf-ipsecme-chacha20-poly1305-12)
--------------------------------------
Title               : ChaCha20, Poly1305, and Their Use in the Internet Key 
Exchange Protocol (IKE) and IPsec
Publication Date    : August 2015
Author(s)           : Y. Nir
Category            : PROPOSED STANDARD
Source              : IP Security Maintenance and Extensions
Area                : Security
Stream              : IETF
Verifying Party     : IESG

_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec

Reply via email to