Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh-new-curves-02
Russ Housley <housley@vigilsec.com> Mon, 10 April 2017 15:16 UTC
Return-Path: <housley@vigilsec.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7024E1242F7 for <curdle@ietfa.amsl.com>; Mon, 10 Apr 2017 08:16:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fDdGkyTEL1U7 for <curdle@ietfa.amsl.com>; Mon, 10 Apr 2017 08:16:27 -0700 (PDT)
Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EC9FC129534 for <curdle@ietf.org>; Mon, 10 Apr 2017 08:16:16 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.smeinc.net (Postfix) with ESMTP id 5174D3004E6 for <curdle@ietf.org>; Mon, 10 Apr 2017 11:16:16 -0400 (EDT)
X-Virus-Scanned: amavisd-new at mail.smeinc.net
Received: from mail.smeinc.net ([127.0.0.1]) by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 0XIwhKfrlKMu for <curdle@ietf.org>; Mon, 10 Apr 2017 11:16:13 -0400 (EDT)
Received: from new-host-5.home (pool-108-45-101-150.washdc.fios.verizon.net [108.45.101.150]) by mail.smeinc.net (Postfix) with ESMTPSA id 5E3E63002D0; Mon, 10 Apr 2017 11:16:13 -0400 (EDT)
From: Russ Housley <housley@vigilsec.com>
Message-Id: <2D94CE32-695A-40D5-AA47-38A239A3425E@vigilsec.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_F5BB2AC9-D22A-40CD-A53C-F635497F81D6"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Date: Mon, 10 Apr 2017 11:16:12 -0400
In-Reply-To: <2DD56D786E600F45AC6BDE7DA4E8A8C118BC8A8E@eusaamb107.ericsson.se>
Cc: Jim Schaad <ietf@augustcellars.com>, curdle <curdle@ietf.org>
To: Daniel Migault <daniel.migault@ericsson.com>
References: <059001d2a8a0$da207680$8e616380$@augustcellars.com> <96562891-0B33-448B-9E07-92775A4B2A88@vigilsec.com> <05d701d2a8b6$d1895bc0$749c1340$@augustcellars.com> <CADZyTk=BsoThAkfVVuvVjL2-ObDON9yEHb=PLJ68AmFe_v8x3Q@mail.gmail.com> <78AB16BB-A362-4283-9A16-24278435BCC1@vigilsec.com> <2DD56D786E600F45AC6BDE7DA4E8A8C118BC8A8E@eusaamb107.ericsson.se>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/5dyD9Ou0lYX6MoexVU8GViA3tBc>
Subject: Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh-new-curves-02
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Apr 2017 15:16:29 -0000
I have had one person talk to me about implementation, but I do not know if they have started coding yet or not. Russ > On Apr 10, 2017, at 11:06 AM, Daniel Migault <daniel.migault@ericsson.com> wrote: > > Thanks for the registries clarification. One more question, are you aware of any implementation of the drafts? > Yours, > Daniel > > From: Russ Housley [mailto:housley@vigilsec.com <mailto:housley@vigilsec.com>] > Sent: Monday, April 10, 2017 11:03 AM > To: Daniel Migault <daniel.migault@ericsson.com <mailto:daniel.migault@ericsson.com>> > Cc: Jim Schaad <ietf@augustcellars.com <mailto:ietf@augustcellars.com>>; curdle <curdle@ietf.org <mailto:curdle@ietf.org>> > Subject: Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh-new-curves-02 > > Daniel: > > Thanks for the review. > > 1) nits tool > the nits tools returns the following additional error: > > == The "Author's Address" (or "Authors' Addresses") section title is > misspelled. > > Fixed. > > > 2) section 2.1 defining KEK > > OLD: > To generate a key-encryption key, generates one or more KM blocks, > > NEW: > To generate a key-encryption key (KEK), KDF generates one or more KM blocks, > > Okay. I made that change. > > 3) section 2.2 defining HKDF > > OLD: > The HKDF key derivation function is a robust construct based on a one-way hash function described in RFC 5869 [HKDF]. > > NEW: > The HMAC-based Extract-and-Expand Key Derivation Function (HKDF) is a robust construct based on a one-way hash function described in RFC 5869 [HKDF]. > > Okay. I made that change. > > > 4) IANA section: > > * Wouldn't it be appropriated to mention RFC7107 section 3.3 and section 3.6 for each allocation. > > RFC 7107 created the registries. I do not see any reason to point to that document for the assignment in the registries. > > > * I have been recommended to ask to add the IANA link hosting the registries as an informational reference. In that case, that would be the following one: http://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-3 <http://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-3> > > Okay. I handed a reference for the module arc and a reference for the algorithm arc. > > > * The presentation in the IANA section differs from the one of RFC7107 which uses a table with Decimal , Description, Reference rather than using the OID presentation. > > I used the decimal presentation because that is used in the header of the registry by IANA. > > > * I am wondering whether the current draft does not update RFC7107, in which case it should be mentioned in the header, abstract and introduction. What do you think ? > > No. RFC 7107 established the registry. It does not need to be updated for every assignment that takes place in those registries. > > Russ
- Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh… Daniel Migault
- Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh… Russ Housley
- Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh… Russ Housley
- [Curdle] Review of draft-ietf-curdle-cms-ecdh-new… Jim Schaad
- Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh… Russ Housley
- Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh… Jim Schaad
- Re: [Curdle] Review of draft-ietf-curdle-cms-ecdh… Daniel Migault