Thanks for your very, very quick review! On the one open item for
discussion, Message-ID, I would offer (1) it is not a do-or-die
situation but that (2) using a cryptographically secure random number
generator achieves the same result with better properties. Again, I
will defer back to you: I know the work group will push back strongly if
a cryptographically secure random number generator is a resource hog.
Are there memory / CPU efficient cryptographically secure random
number generators? Should we give guidance to the range of numbers
(i.e., 32-bits, 512-bits, 6 digits, etc.)?
On May 14, 2008, at 11:42 PM, Eric Rescorla wrote:
At Wed, 14 May 2008 12:20:21 +0800,
Eric Burger wrote:
Inline
On May 4, 2008, at 5:12 AM, Eric Rescorla wrote:
[snip]
S 7.1.1.1. Why does Message-ID need any randomness at all as opposed
to uniqueness? And if it needs randomness, why is 32 enough?
The randomness property makes it more difficult for malicious nodes
guessing Message-IDs and thus being able to pass IMDNs through
filtering mechanisms.
IYHO, is 32-bits enough? You're the expert; I'm just guessing!
So, unsurprisingly, it depends.
Is your mental model that you have a list of n valid message-ids
"outstanding" at once and you want the probability of an attacker
guessing one to be sufficiently small? With a 32-bit space,
the chance is n/2^32. So, if you're just treating this as a
sort of spam filter, then it's probably fine. But if a single
bad message getting through is fatal, then, no, it's not.
The other thing I would say is that if you want ids to be
unguessable, then you probably want to say that they should
be generated with a cryptographically secure random number
generator. There are lots of PRNGs that produce uniform distributions
but that are predictable and that won't do here, right?
_______________________________________________
IETF mailing list
IETF(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
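
Added example, not part of the thread or of the draft under review: a Python sketch of the n/2^32 sizing argument and of the uniform-but-predictable PRNG point, set beside an ID drawn from the OS CSPRNG. All function names, the hex encoding, the 128-bit default, and the model of independent uniform guesses are assumptions of this example.

```python
import math
import random
import secrets


def guess_probability(bits: int, outstanding: int, guesses: int = 1) -> float:
    """Chance that at least one of `guesses` independent uniform guesses hits
    one of `outstanding` valid IDs in a 2**bits space: 1 - (1 - n/2^bits)^g."""
    p_single = outstanding / 2 ** bits
    if p_single >= 1.0:
        return 1.0
    # log1p/expm1 keep precision when p_single is tiny (e.g. 128-bit IDs).
    return -math.expm1(guesses * math.log1p(-p_single))


def bits_needed(outstanding: int, guesses: int, target: float) -> int:
    """Smallest ID width keeping the union bound n*g/2^bits at or below target."""
    return math.ceil(math.log2(outstanding * guesses / target))


def predictable_ids(seed: int, count: int, bits: int = 32) -> list:
    """IDs from Mersenne Twister: uniformly distributed, yet anyone who learns
    or guesses the seed reproduces the whole sequence."""
    rng = random.Random(seed)
    return [f"{rng.getrandbits(bits):0{bits // 4}x}" for _ in range(count)]


def new_message_id(bits: int = 128) -> str:
    """ID drawn from the operating system CSPRNG via the secrets module."""
    if bits % 8:
        raise ValueError("bits must be a multiple of 8")
    return secrets.token_hex(bits // 8)


if __name__ == "__main__":
    # Constructed scenario: 1000 outstanding IDs, attacker sends 10**6 guesses.
    for width in (32, 64, 128):
        print(width, "bits:", guess_probability(width, 1000, 10 ** 6))
    print("bits for 1e-9 risk:", bits_needed(1000, 10 ** 6, 1e-9))
    print("same seed, same IDs:",
          predictable_ids(2008, 3) == predictable_ids(2008, 3))
    print("CSPRNG ID:", new_message_id())
```
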