eap Mailing List: Re: Proposed resolution to Issue 207: IESG comments on RFC 2284bis-07

[Bernard Aboba (aboba]

> Hi Bernard,
>
>       Just verifying:
>
> > In Section 1.3, change the 4th paragraph from:
> >
> > " EAP authentication is initiated by the authenticator, whereas many
> > authentication protocols are initiated by the client (peer). As a
> > result, it may be necessary for an algorithm to add 0.5 - 1
> > additional roundtrips between the client and authenticator in order
> > to run over EAP."
> >
> > To:
> >
> > " EAP authentication is initiated by the authenticator, whereas many
> > authentication protocols are initiated by the client (peer). As a
> > result, it may be necessary for an algorithm to add one or two
> > additional messages (at most one roundtrip) between the peer and
> > server in order to run over EAP."
>
> Was it your intention here to change "neccesary for an authentication
> algorithm" in Russ' replacement text to "neccesary for an algorithm"?

Thanks for catching this.  I think we we want "necessary for an
authentication algorithm."

> [...]
>
> > In Section 7.2.1, change:
> >
> > "The effective key strength SHOULD be stated as number of bits,
> > defined as follows: If the effective key strength is N bits, the
> > best currently known methods to recover the key (with
> > non-negligible probability) require an effort comparable to 2^N
> > operations of a typical block cipher."
> >
> > To:
> >
> > "The effective key strength SHOULD be stated as number of bits,
> > defined as follows: If the effective key strength is N bits, the
> > best currently known methods to recover the key (with
> > non-negligible probability) requires on average an effort
> > comparable to 2^(N-1) operations of a typical block cipher."
>
> I think "...methods...requires on average" should be
> "...methods...require on average"?

Yes.