[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [CGA-EXT] CGA-EXT Digest, Vol 29, Issue 2

> Secondly, nowadays security issues become more and more 
> important for Internet.

Fully agreed.

> I think authentications  
> using signature will be applied in many other scenarios in 
> future, and the cksum signature problem 
> might happen again. Shall we do something about this?

Not sure what you mean by "other scenarios". Could you be more specific
here? Like what protocol may occur such problem. Unless there are something
more specific, we do not know what to do exactly.

Cheers,

Sheng

> Best regards,
> 
> Quanchao Hui
> 
> 
> 2009/9/17 <cga-ext-request at ietf.org>
> 
> 
> 	If you have received this digest without all the 
> individual message
> 	attachments you will need to update your digest options 
> in your list
> 	subscription.  To do so, go to
> 	
> 	https://www.ietf.org/mailman/listinfo/cga-ext
> 	
> 	Click the 'Unsubscribe or edit options' button, log in, 
> and set "Get
> 	MIME or Plain Text Digests?" to MIME.  You can set this option
> 	globally for all the list digests you receive at this point.
> 	
> 	
> 	
> 	Send CGA-EXT mailing list submissions to
> 	       cga-ext at ietf.org
> 	
> 	To subscribe or unsubscribe via the World Wide Web, visit
> 	       https://www.ietf.org/mailman/listinfo/cga-ext
> 	or, via email, send a message with subject or body 'help' to
> 	       cga-ext-request at ietf.org
> 	
> 	You can reach the person managing the list at
> 	       cga-ext-owner at ietf.org
> 	
> 	When replying, please edit your Subject line so it is 
> more specific
> 	than "Re: Contents of CGA-EXT digest..."
> 	
> 	
> 	Today's Topics:
> 	
> 	  1.  SEND checksum issue in current RFC 3791 - update needed
> 	     (Sheng Jiang)
> 	
> 	
> 	
> ----------------------------------------------------------------------
> 	
> 	Message: 1
> 	Date: Thu, 17 Sep 2009 10:14:03 +0800
> 	From: Sheng Jiang <shengjiang at huawei.com>
> 	Subject: [CGA-EXT] SEND checksum issue in current RFC 
> 3791 - update
> 	       needed
> 	To: cga-ext at ietf.org
> 	Cc: 'wdwang' <wdwang at bupt.edu.cn>
> 	Message-ID: <000901ca373c$874238f0$3a0c6f0a at china.huawei.com>
> 	Content-Type: text/plain; charset=us-ascii
> 	
> 	Hi, dear CSIer,
> 	
> 	During our implementation of SEND & CGA, we discovered 
> an issue in the
> 	current RFC 3791, described as the following. An update 
> is needed to solve
> 	this issue.
> 	
> 	Checksum issue in the current SEND definition RFC 3791.
> 	
> 	In Section 5.2, RFC3791, digital signature is defined 
> to sign data include
> 	checksum fieds from ICMP header (bullet item 4), which 
> should already be
> 	calculated during the construction of message (the 
> first step in Section
> 	5.2.1). After RSA signature is attached, the original 
> checksum value is no
> 	longer valid. It should be recalsulated. However, this 
> was not clearly
> 	defined in RFC 3791. More importantly, the 
> correspondent validation rule
> 	must be defined on the receiver side too.
> 	
> 	Best regards,
> 	
> 	Sheng
> 	
> 	
> 	
> 	------------------------------
> 	
> 	_______________________________________________
> 	CGA-EXT mailing list
> 	CGA-EXT at ietf.org
> 	https://www.ietf.org/mailman/listinfo/cga-ext
> 	
> 	
> 	End of CGA-EXT Digest, Vol 29, Issue 2
> 	**************************************
> 	
> 
> 
>