[jose] Comments on draft-liusvaara-jose-cfrg-curves-00
"Jim Schaad" <ietf@augustcellars.com> Wed, 23 December 2015 00:46 UTC
Return-Path: <ietf@augustcellars.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C1181A90B3 for <jose@ietfa.amsl.com>; Tue, 22 Dec 2015 16:46:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.1
X-Spam-Level:
X-Spam-Status: No, score=0.1 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gIpiZ5mg_kPk for <jose@ietfa.amsl.com>; Tue, 22 Dec 2015 16:46:53 -0800 (PST)
Received: from smtp1.pacifier.net (smtp1.pacifier.net [64.255.237.171]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 86FB51A9092 for <jose@ietf.org>; Tue, 22 Dec 2015 16:46:53 -0800 (PST)
Received: from hebrews (c-24-21-96-37.hsd1.or.comcast.net [24.21.96.37]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: jimsch@nwlink.com) by smtp1.pacifier.net (Postfix) with ESMTPSA id 8EF922CA0B; Tue, 22 Dec 2015 16:46:52 -0800 (PST)
From: Jim Schaad <ietf@augustcellars.com>
To: draft-liusvaara-jose-cfrg-curves@tools.ietf.org
Date: Tue, 22 Dec 2015 16:44:09 -0800
Message-ID: <00e001d13d1b$09519d50$1bf4d7f0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 15.0
Thread-Index: AdE9BYTYNCWH6fuCSEuI0gN0mOyh9g==
Content-Language: en-us
Archived-At: <http://mailarchive.ietf.org/arch/msg/jose/4Rlc1d3Dn-4pmSOgw6RfJM-MPZQ>
Cc: jose@ietf.org
Subject: [jose] Comments on draft-liusvaara-jose-cfrg-curves-00
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Dec 2015 00:46:55 -0000
Here are some comments on the current draft. * Abstract: The abstract needs to be expanded to include the names of the algorithms that are being included here. (Note that references in an abstract are not considered kosher so don't do that.) You need to be able to read the abstract without the rest of the document and be able to decide if it is the correct document. * Section 1: Putting a reference to the new algorithms in the first sentence would be a reasonable edit. I would also probably at least consider putting the set of algorithms here by name. Think of reading the introduction in 10 years when a new set of algorithms has been created. * Section 1: The IETF does not have the concept of extending documents. Documents generally fall into the categories of a) stand alone, b) updates an existing document, c) obsoletes and existing document. The second paragraph either should be removed or re-phrased. Possibly something along the lines of "This document defines the conventions to be used in the context of [JWA] and [JWK]." Although I am not sure that I even care for that. * Section 1.2: I am not sure that this qualifies as being notation. I would probably change the title * Section 2: In response to a question that you had asked earlier on the list, but which I did not respond to at the time. I believe that you could define any of the existing parameter to be a required parameter for a new key type. You would need to have a good justification for doing so, but it would be possible to define 'alg' as a required parameter for the key type 'OKP'. Having to do simple checks for things like {"kty":"OKP","crv":"Ed25519", "alg":"Ed25519p", "x":"...."} as being illegal seems problematic. * Section 2: You have introduced the term 'subtype of the key' without making it clear where this term is coming from. This is not a field in the registry as seems to be implied by the text. * Section 2: If you don't like the terms crv and x, perhaps you should seriously think about using different names for these fields. That is the feeling I am getting from the Note in this section. * Section 3.1.1: For formatting I would remove the colons in the table. * Section 3.1.1: The table is a bit confusing given that all of the columns have the same value. Without a better description of the headers I don't find it to be very useful. * Section 3.1.1: I think that I have a real problem with the concept of all of the parameters of a signature algorithm being defined by the "crv" field rather than the "alg" field. This seems to be a real misuse of what crv currently represents. If you do combine things into one algorithm I would really do some renaming of the key fields. (See note above on use of 'alg' instead of 'crv'.) * Section 3.1.2 and 3.1.3: Yes - I like the fact that there is not a full description of the signature processing here!!! * Section 3.2 - what is the 'alg' parameter supposed to be here? It is not in the table. (See above notes on the table.) * Section 3.2.1 - You need to specify what the KDF to be used is. * Section 3.2.1 - You need to specify either how the KDF uses K_A and K_B as well as K or say why it is not needed. This is not defined as part of the shared secret by the CFRG document. * Section 4 - s/information what key/information about what key/ Jim
- [jose] Comments on draft-liusvaara-jose-cfrg-curv… Jim Schaad
- Re: [jose] Comments on draft-liusvaara-jose-cfrg-… Anders Rundgren
- Re: [jose] Comments on draft-liusvaara-jose-cfrg-… Ilari Liusvaara
- Re: [jose] Comments on draft-liusvaara-jose-cfrg-… Ilari Liusvaara
- [jose] Std Java key representation of OKP in draf… Vladimir Dzhuvinov
- Re: [jose] Std Java key representation of OKP in … Anders Rundgren
- Re: [jose] Std Java key representation of OKP in … Vladimir Dzhuvinov
- Re: [jose] Std Java key representation of OKP in … Anders Rundgren
- Re: [jose] Std Java key representation of OKP in … Vladimir Dzhuvinov