[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [CGA-EXT] SEND checksum issue in current RFC 3791 - update needed

To: Sheng Jiang <shengjiang at huawei.com>
Subject: Re: [CGA-EXT] SEND checksum issue in current RFC 3791 - update needed
From: arno at natisbad.org (Arnaud Ebalard)
Date: Thu, 17 Sep 2009 14:10:07 +0200
Cc: 'wdwang' <wdwang at bupt.edu.cn>, cga-ext at ietf.org
Delivered-to: cga-ext at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=natisbad.org; s=mail; h=From:To:Cc:Subject:References:Date: In-Reply-To:Message-ID:MIME-Version:Content-Type; bh=SBCXXyXUY9i aFVtM1sg6cLzvfhpKe3UqHiuxPht6jTU=; b=NrLnHaT2hfpU2nhM1v7tcskWCdT xTFmFoBPLaZ00rT6Wl/dKdCnXl0qBuZzSrEMxEg3xH1zuUqjkZKqrpFICOJwVGaL 2Al8MtXbOWiSXA5IwEJ7aWExsnHBuja2Rs2ljXrxaD9ncfKeAihaiZzaVi6Q/lel wUfh78gsbd5vou+o=
In-reply-to: <002b01ca3787$57bedfc0$3a0c6f0a at china.huawei.com> (Sheng Jiang's message of "Thu, 17 Sep 2009 19:09:36 +0800")
List-archive: <http://www.ietf.org/mail-archive/web/cga-ext>
List-help: <mailto:cga-ext-request@ietf.org?subject=help>
List-id: CGA and SeND Extensions <cga-ext.ietf.org>
List-post: <mailto:cga-ext@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/cga-ext>, <mailto:cga-ext-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/cga-ext>, <mailto:cga-ext-request@ietf.org?subject=unsubscribe>
References: <002b01ca3787$57bedfc0$3a0c6f0a at china.huawei.com>
User-agent: Gnus/5.110009 (No Gnus v0.9) Emacs/23.0.92 (gnu/linux)

>> >> B, more efficiently, on the sender side, as you said, the input of 
>> >> RSA signature should be a checksum with all 0, and after signature 
>> >> attached, the checksim is computed over the whole packet. However, 
>> >> this makes the signature over checksum totally meaningless. 
>> >> Alternatively, we may take checksum bits out from the RSA 
>> signature input.
>> 
>> Performing the signature over the given layout with the null 
>> checksum prevents useless copies: you zero the field, pass 
>> the whole buffer to your signature function w/o the need to 
>> copy things to create a different layout. But I guess this 
>> does not matter anymore.
>
> Agree. If this is the initial design, it should be more efficient. However,
> if we need to follow what is already in current specification, try to keep
> consistent and compliant, don't break the existing implementations, then A
> is the only choice.

sadly, yes.

References:
- Re: [CGA-EXT] SEND checksum issue in current RFC 3791 - update needed
  - From: Sheng Jiang

Prev by Date: Re: [CGA-EXT] SEND checksum issue in current RFC 3791 - update needed
Next by Date: Re: [CGA-EXT] CGA-EXT Digest, Vol 29, Issue 2
Previous by thread: Re: [CGA-EXT] SEND checksum issue in current RFC 3791 - update needed
Next by thread: Re: [CGA-EXT] SEND checksum issue in current RFC 3791 - update needed
Index(es):
- Date
- Thread