[prev in list] [next in list] [prev in thread] [next in thread]
List: cfrg
Subject: Re: [CFRG] =?iso-8859-1?q?Adoption_Call=3A_Guidelines_for_Writing_Cr?=
From: Hubert Kario <hkario () redhat ! com>
Date: 2023-06-22 12:58:18
Message-ID: 36126e45-f7d0-4411-9512-76fe4c71b3db () redhat ! com
[Download RAW message or body]
On Wednesday, 21 June 2023 20:13:25 CEST, Jonathan Hammell wrote:
> I think this draft will be useful and I support RG adoption.
>
> While there is a recommendation in Section 3.2 to specify data
> formats, encodings and serialization methods, I would like to see some
> guidance in Section 4 or 5 to explicitly recommend interfaces use
> implementation-friendly data formats (e.g. octet strings) rather than
> mathematical elements.
+1 to that, I'd also like to see that the pseudocode should explicitly
call out any operations that will not end up being side-channel secure
if implemented with a naïve approach (big number arithmetic, selection
between two values, etc.)
> Also, the authors might consider adding some specific guidance in
> Section 3 (maybe in 3.3.1.5) related to diagrams of message flows for
> specifications involving protocol messages (e.g. OPAQUE).
>
> Best regards,
> Jonathan
>
> --
> Canadian Centre for Cyber Security
>
> On Fri, Jun 2, 2023 at 1:15 AM Stanislav V. Smyshlyaev
> <smyshsv@gmail.com> wrote:
>> Dear CFRG participants,
>>
>> This message is starting 3 weeks adoption call on "Guidelines
>> for Writing Cryptography Specifications" draft,
>> draft-sullivan-cryptography-specification-00
>> (https://datatracker.ietf.org/doc/draft-sullivan-cryptography-specification/)
>> that will end on June 23rd 2023.
>>
>> Please send your feedback in reply to this email or directly
>> to CFRG chairs <cfrg-chairs@ietf.org>.
>>
>> Best regards,
>> Stanislav (for CFRG chairs) ...
>
--
Regards,
Hubert Kario
Principal Quality Engineer, RHEL Crypto team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
_______________________________________________
CFRG mailing list
CFRG@irtf.org
https://www.irtf.org/mailman/listinfo/cfrg
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic