Hi,
I am currently debugging some ISAKMP problems and thus using RFCs like
2085, 2412, etc. about cryptographic algorithms and data formats.
Such RFCs are sometimes a little bit ambiguous or difficult to read
since details are spread around the paper. When implementing such
algorithms or data parsers, you don't know whether the implementation
is correct without a test case, e.g. feeding in some examples and
check whether the result is what is expected.
I'd therefore propose that every RFC dealing with crypto algorithms or
data formats has to have a mandatory appendix section with examples to
be used as a test case. (Every I-Draft should have.)
E.g. when describing key agreements precise examples of the random
numbers and secrets, byte sequences of example messages, and the
results (signatures, keys,...) should be given allowing to do a simple
check of any implementation to see, whether the implementation works
in principle, and does not have such common bugs like wrong padding,
byte order problems etc.
regards
Hadmut
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf