--- 1/draft-ietf-tls-cached-info-05.txt 2010-03-30 05:11:09.000000000 +0200 +++ 2/draft-ietf-tls-cached-info-06.txt 2010-03-30 05:11:10.000000000 +0200 @@ -1,17 +1,17 @@ INTERNET-DRAFT S. Santesson (3xA Security) Intended Status: Proposed Standard -Expires: September 27, 2010 March 26, 2010 +Expires: October 1, 2010 March 30, 2010 Transport Layer Security (TLS) Cached Information Extension - + Abstract This document defines a Transport Layer Security (TLS) extension for cached information. This extension allows the TLS client to inform a server of cached information from previous TLS sessions, allowing the server to omit sending cached static information to the client during the TLS handshake protocol exchange. Status of this Memo 
@@ -54,25 +54,29 @@ 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 2. Cached Information Extension . . . . . . . . . . . . . . . . . 4 4. Extension Exchange . . . . . . . . . . . . . . . . . . . . . . 5 4.1. Reconnaissance . . . . . . . . . . . . . . . . . . . . . . 5 4.2. Cached Information . . . . . . . . . . . . . . . . . . . . 5 5. Data Substitution . . . . . . . . . . . . . . . . . . . . . . . 6 5.1. Data Substitution Syntax for certificate_chain . . . . . . 6 5.2. Data Substitution Syntax for trusted_cas . . . . . . . . . 7 - 6. Security Considerations . . . . . . . . . . . . . . . . . . . . 7 + 6. Security Considerations . . . . . . . . . . . . . . . . . . . . 8 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 8 - 8. Normative References . . . . . . . . . . . . . . . . . . . . . 8 - Annex A - 64 bit FNV-1 Digest . . . . . . . . . . . . . . . . . . . 9 - Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10 + 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 8 + 9. Normative References . . . . . . . . . . . . . . . . . . . . . 8 + Annex A - 64 bit FNV-1a digest . . . . . . . . . . . . . . . . . 10 + A.1. Definition (Normative) . . . . . . . . . . . . . . . . . 10 + A.2 Example code (Informative) . . . . . . . . . . . . . . . 11 + A.3. Digest samples (Informative) . . . . . . . . . . . . . . 12 + Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13 1. Introduction TLS handshakes often include fairly static information such as server certificate and a list of trusted Certification Authorities (CAs). Static information such as a server certificate can be of considerable size. This is the case in particular if the server certificate is bundled with a complete certificate path, including all intermediary certificates up to the trust anchor public key. 
@@ -277,77 +282,147 @@ 2) Establish a registry for TLS CachedInformationType values. The first entries in the registry are certificate_chain(1) and trusted_cas(2). TLS CachedInformationType values in the inclusive range 0-63 (decimal) are assigned via RFC 5226 [RFC5226] Standards Action. Values from the inclusive range 64-223 (decimal) are assigned via RFC 5226 Specification Required. Values from the inclusive range 224-255 (decimal) are reserved for RFC 5226 Private Use. -8. Normative References +8. Acknowledgements + + The author acknowledge input from many members of the TLS working + group, Martin Rex for extensive review and input and Marsh Ray for + testing and providing digest samples. + +9. Normative References [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997 [RFC5226] T. Narten, H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", RFC 5226, May 2008 [RFC5246] T. Dierks, E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.2", RFC 5246, August 2008 [RFC4366] S. Blake-Wilson, M. Nystrom, D. Hopwood, J. Mikkelsen, T. Wright, "Transport Layer Security (TLS) Extensions", RFC 4366, April 2006 NOTE: RFC 4366 will be updated by RFC4366bis, currently in IESG process. -Annex A - 64 bit FNV-1 Digest +Annex A - 64 bit FNV-1a digest + +A.1. Definition (Normative) FNV-1 digest algorithm is a non-cryptographic hash function created by Glenn Fowler, Landon Curt Noll, and Phong Vo. The FNV digest algorithms and sample FNV source code have been released into the - public domain. + public domain. FNV-1 has two defined variants, FNV-1 and FNV-1a. The + algorithm specified in this annex specifies the FNV-1a variant. 
- The FNV-1 digest is generated as follows: + The FNV-1a digest is generated as follows: digest = FNV_offset_basis - for each octet_of_data to be digested - digest = digest * FNV_prime + for each octet_of_data to be digested { digest = digest XOR octet_of_data + digest = digest * FNV_prime } return digest In the above pseudocode, all variables are unsigned integers. All variables, except for octet_of_data, have the same number of bits as the FNV digest (64 Bits). The variable, octet_of_data, is an 8 bit - unsigned integer. Specifically for a 64 bit FNV-1 digest the + unsigned integer. Specifically for a 64 bit FNV-1a digest the following applies: o All variables, except for octet_of_data, are 64-bit unsigned integers. o The variable, octet_of_data, is an 8 bit unsigned integer. o The FNV_offset_basis is the 64-bit FNV offset basis value: 14695981039346656037. o The FNV_prime is the 64-bit FNV prime value: 1099511628211. o The multiply function (indicated by the '*' symbol) returns the lower 64-bits of the product. o The XOR is an 8-bit operation that modifies only the lower 8-bits of the digest value. o The digest value returned is an 64-bit unsigned integer. +A.2 Example code (Informative) + + /** + * Java example code implementing FNV-1a according to Annex A + */ + + import java.math.BigInteger; + + public class FNV { + + static public BigInteger getFNV1a64Digest (String inpString) { + + BigInteger m = new BigInteger("2").pow(64); + BigInteger fnvPrime = new BigInteger("1099511628211"); + BigInteger fnvOffsetBasis = new BigInteger + ("14695981039346656037"); + + BigInteger digest = fnvOffsetBasis; + + for (int i = 0; i < inpString.length(); i++) { + digest = digest.xor(BigInteger.valueOf( + (int) inpString.charAt(i))); + digest = digest.multiply(fnvPrime).mod(m); + } + + return (digest); + + } + } + +A.3. Digest samples (Informative) + + Digest samples for 64 bit FNV-1a according to A.1. 
+ + For input data: + null ("") + 0 bytes + + Digest is: CB F2 9C E4 84 22 23 25 + + For input data: + hex: 61 ("a") + 1 byte + + Digest is: AF 63 DC 4C 86 01 EC 8C + + For input data: + hex: FF 00 00 01 + 4 bytes + + Digest is: 69 61 19 64 91 CC 68 2D + + For input data: + hex: 68 74 74 70 3A 2F 2F 65 6E 2E 77 69 6B 69 70 65 + 64 69 61 2E 6F 72 67 2F 77 69 6B 69 2F 46 6F 77 + 6C 65 72 5F 4E 6F 6C 6C 5F 56 6F 5F 68 61 73 68 + ("http://en.wikipedia.org/wiki/Fowler_Noll_Vo_hash") + 48 bytes + + Digest is: D9 B9 57 FB 7F E7 94 C5 + Authors' Addresses Stefan Santesson 3xA Security AB Bjornstorp 744 247 98 Genarp Sweden EMail: sts@aaa-sec.com
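Review bot: In the table-of-contents hunk (@@ -54,25 +54,29 @@), the new entry "A.2 Example code (Informative)" lacks the period that "A.1." and "A.3." carry, and the same inconsistency appears in the annex heading added later in the patch; use "A.2." in both places. The unchanged context in this hunk also lists "2. Cached Information Extension" followed directly by "4. Extension Exchange", so while the tail sections are being renumbered it is worth confirming whether an entry for section 3 is missing from the contents.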
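Review bot: In the A.2 Java example added by the last hunk (@@ -277,77 +282,147 @@), getFNV1a64Digest takes a String and XORs in (int) inpString.charAt(i), which is a 16-bit UTF-16 code unit rather than the 8-bit octet_of_data that A.1 requires. For any character above U+00FF the XOR changes more than the lower 8 bits, so the result is no longer the digest A.1 defines, and two implementations can disagree on the digest for the same cached object. Suggest taking a byte[] argument and XORing in BigInteger.valueOf(data[i] & 0xFF) (the mask is needed because Java bytes are signed), which also lets the example take the A.3 sample "hex: FF 00 00 01" as plain octets. Smaller points in the same hunk: A.3 prints each digest most significant octet first (the empty-input digest CB F2 9C E4 84 22 23 25 is the offset basis 14695981039346656037), and that ordering should be stated; "The author acknowledge" should read "acknowledges"; and "FNV-1 has two defined variants, FNV-1 and FNV-1a" reads more clearly as "FNV has two defined variants".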