.
.TL "Straylight/Edgeware" "Mark Wooding"
.TL "Request for Comments: XXXX" "Straylight/Edgeware"
-.TL "" "21 February 2001"
+.TL "" "11 April 2003"
-.TT XXXX Wooding "February 2001" \
+.TT XXXX Wooding "April 2003" \
"TrIPE: The Trivial IP Encryption Protocol"
-.TI 0 "Status of this Memo"
+.T0 "Status of this Memo"
This memo defines an Experimental Protocol for the Internet community.
This memo does not specify an Internet standard of any kind. Discussion
.K c (
and
.K' c "" )
-
+.LE
.T1 "Key exchange"
-.T0 "Data representation"
-
-The following data types are used in the protocol:
+.T0 "Data representation and notation"
+.de SD
+.LS
+..
+.de SM
+.br
+.B "\\$1" \c
+.if !'\\$2'.' \ \\$2\c
+.if !'\\$3'' \{\
+:
+.I "\\$3" \c
+.\}
+..
+.de SR
+.br
+.B "\\$1" \c
+.if !'\\$2'.' \ \\$2\c
+.if !'\\$3'' : \\$3
+..
+.de ST
+.SM "\\$1" "\\$2" "\\$3"
+.LS 2n
+..
+
+We need to deal with a number of data items during the protocol.
+.if t \{\
+Object names are given in
+.I italics .
+.\}
+A plain name indicates `our' value; a `primed' name (e.g.,
+.I alpha' )
+indicates the peer's corresponding value. If a compound data item name
+is primed, toggle the primed-ness of the components.
+
+Data objects are given types which determine their representation in
+protocol messages. Type names are given in
+.B UPPERCASE .
+
+.T1 "Atomic data items"
.DL
-.DI "32-bit"
-Some guff I haven't written yet.
+.DI OCTET
+A single octet, representing a value between 0 and 255.
+
+.DI U16
+A pair of octets, representing a value between 0 and 65535. The more
+significant octet appears first.
+
+.DI U32
+Four octets, representing a value between 0 and 4294967295. More
+significant octets appear first.
+
+.DI "STRING \fIn\fR\fB"
+A string of
+.I n
+octets. A
+.B STRING
+does not have a numeric value.
+
+.DI MP
+A nonnegative multiprecision integer. Let
+.I n
+be the integer to be represented, and let
+.I z
+be the number of octets required to represent
+.I n
+in base-256 format with no leading zeroes; i.e., if
+.I n
+= 0, then
+.I z
+= 0; otherwise
+.I z
+is the unique integer such that
+.ie t 256\*(^(\fIz\fP\-1\*(^) \(<= \fIn\fP < 256\*(^(\fIz\fP\*(^).
+.el 256^{z-1} <= n < 256^z.
+The encoding for
+.I n
+then consists of two octets encoding
+.I z
+as a
+.B U16
+followed by the
+.I z
+octets which are the base-256 digits of
+.I n ,
+most significant first.
+.LE
+
+.T1 "Structured data items"
+
+A
+.I structure
+is a compound object which is simply the concatenation of a number of
+its component objects. Structures are used directly as messages, and
+indirectly as things to be hashed or encrypted.
+
+The notation
+
+.SD
+. ST STRUCT . kx-cookie
+. SR OCTET . 0x11
+. SM MP . c
+. SM STRING 20 hash
+. LE
+.LE
+
+indicates that
+.I msg-cookie
+consists of the two items
+
+
+
+
+.SD
+. ST STRUCT . kx-prechal
+. SR OCTET . 0x10
+. SM MP . c
+. LE
+.LE
-.DI "Rather longer name"
-Some more guff.
+.SD
+. ST STRUCT . kx-cookie
+. SR OCTET . 0x11
+. SM MP . c
+. ST HASH .
+. SR TEXT . "tripe-cookie"
+. SM MP . c'
+. LE
+. LE
.LE
.T0 "Security considerations"
Before deploying TrIPE on their own systems, administrators ought to
satisfy themselves that the cryptographic algorithms used are
sufficiently strong for their purposes, and that their implementation of
-the TrIPE software has come from a trusted source. They should also
+the TrIPE software has come from a trustworthy source. They should also
ensure that they have adequate procedures in place for transporting
public keys without a risk of them being modified by adversaries.
.
.\"----- Font handling ------------------------------------------------------
.
-.\" .Ff font [stuff more-stuff]
+.\" .Ff font nfont [stuff more-stuff]
.\" Without stuff, changes to font. With stuff, prints stuff in font
.\" and more-stuff in the current font, with no intervening space.
.ie t \{\
. de Ff
-. ie '\\$2'' \f\\$1\c
-. el \&\f\\$1\\$2\fP\\$3
+. ie '\\$3'' \f\\$1\c
+. el \&\f\\$1\\$3\fP\\$4
..
.\}
.el \{\
-.de Ff
-.if !'\\$2'' \\$2\\$3
+. de Ff
+. ie '\\$3'' \f\\$2\c
+. el \&\f\\$2\\$3\fP\\$4
..
.\}
.
.\" Change to appropriate font, or print stuff in chosen font followed
.\" by more-stuff in current font, with no intervening space.
.de R
-.Ff R "\\$1" "\\$2"
+.Ff R R "\\$1" "\\$2"
..
.de B
-.Ff B "\\$1" "\\$2"
+.Ff B B "\\$1" "\\$2"
..
.de I
-.Ff I "\\$1" "\\$2"
+.Ff I I "\\$1" "\\$2"
..
.de P
-.Ff P "\\$1" "\\$2"
+.Ff P P "\\$1" "\\$2"
..
.de C
-.Ff (CR "\\$1" "\\$2"
+.Ff (CR R "\\$1" "\\$2"
..
.de CB
-.Ff (CB "\\$1" "\\$2"
+.Ff (CB B "\\$1" "\\$2"
..
.de CI
-.Ff (CI "\\$1" "\\$2"
+.Ff (CI I "\\$1" "\\$2"
..
.de H
-.Ff (HR "\\$1" "\\$2"
+.Ff (HR R "\\$1" "\\$2"
..
.de HB
-.Ff (HB "\\$1" "\\$2"
+.Ff (HB B "\\$1" "\\$2"
..
.de HI
-.Ff (HI "\\$1" "\\$2"
+.Ff (HI I "\\$1" "\\$2"
..
.
.\"----- Titling ------------------------------------------------------------
.nr ul 0
.de do
.ie t .ds b\\$1 \\$2
-.el .ds b\\$1 \\$3
+.el .ds b\\$1 \fB\\$3\fP
..
.do 0 \(bu o
.do 1 \(em \-
~mdw / tripe / commitdiff