The introduction of the document begins:
This document provides test vectors to validate the correct
implementation of the TCP Authentication Option (TCP-AO) [RFC5925]
and its mandatory cryptographic algorithms defined in [RFC5926].
I expected to see discussion of the algorithms that are in the table of contents in RFC 5926. However, these algorithm names are not used. Using different algorithm name add confusion.
For the Key Derivation Functions (KDFs), please use the names in RFC 5926: KDF_HMAC_SHA1and KDF_AES_128_CMAC.
For the MAC Algorithms, please use the names in RFC 5926: HMAC-SHA-1-96 and AES-128-CMAC-96.
Thank for you consideration,
Russ
On Jan 18, 2022, at 3:09 PM, The IESG <iesg-secretary@xxxxxxxx> wrote:
The IESG has received a request from the TCP Maintenance and Minor Extensions
WG (tcpm) to consider the following document: - 'TCP-AO Test Vectors'
<draft-ietf-tcpm-ao-test-vectors-04.txt> as Informational RFC
The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-call@xxxxxxxx mailing lists by 2022-02-01. Exceptionally, comments may
be sent to iesg@xxxxxxxx instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.
Abstract
This document provides test vectors to validate implementations of
the two mandatory authentication algorithms specified for the TCP
Authentication Option over both IPv4 and IPv6. This includes
validation of the key derivation function (KDF) based on a set of
test connection parameters as well as validation of the message
authentication code (MAC). Vectors are provided for both currently
required pairs of KDF and MAC algorithms: one based on SHA-1 and the
other on AES-128. The vectors also validate both whole TCP segments
as well as segments whose options are excluded for middlebox
traversal.
--
last-call mailing list
last-call@xxxxxxxxhttps://www.ietf.org/mailman/listinfo/last-call
