[jose] Shouldn't Cookbook 4.1 have the "might not be possible to exactly replicate..." text?
Brian Campbell <bcampbell@pingidentity.com> Wed, 30 July 2014 20:21 UTC
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Wed, 30 Jul 2014 14:21:04 -0600
Message-ID: <CA+k3eCTL4Q=W5BC+FPRrzek1eH6icgf7j3rj=7jNyuO0GbPJXw@mail.gmail.com>
To: "jose@ietf.org" <jose@ietf.org>, Matthew Miller <mamille2@cisco.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/jose/cKBHirjzXOCSfbdTTNAdvDxS9NQ
My understanding is that RSAES-PKCS1-v1_5 pads with random bytes so shouldn't §4.1 "Key Encryption using RSA v1.5 and AES-HMAC-SHA2" have a note similar to what's been added in other sections that states that it "might not be possible to exactly replicate the results in this section..."? My experience with RSA v1.5 has been that each invocation of it will produce a different encrypted key value even for the same CEK (short of doing something funky with the source of randomness but even then there's not enough info in the draft to recreate the exact same results).
- [jose] Shouldn't Cookbook 4.1 have the "might not… Brian Campbell
- Re: [jose] Shouldn't Cookbook 4.1 have the "might… Matt Miller
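An added illustration, not part of the original message or of the Cookbook draft, of the behaviour the message describes: RSAES-PKCS1-v1_5 encoding (RFC 3447, section 7.2.1) fills the padding string with fresh random nonzero octets, so encrypting the same CEK twice yields different encrypted key values that both decrypt to the same CEK. The toy key built from two Mersenne primes, the function names and the sample CEK are assumptions constructed for this example.

```python
import secrets

# Constructed toy key (assumption, illustration only): two Mersenne primes.
# Such a modulus is trivially factorable and must never be used for real data.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8       # modulus length in octets (141 here)

def eme_pkcs1_v15_encode(message: bytes, k: int) -> bytes:
    """Build EM = 0x00 || 0x02 || PS || 0x00 || M with PS random and nonzero."""
    if len(message) > k - 11:
        raise ValueError("message too long for this modulus")
    ps = bytes(secrets.randbelow(255) + 1 for _ in range(k - len(message) - 3))
    return b"\x00\x02" + ps + b"\x00" + message

def rsa15_encrypt(cek: bytes) -> bytes:
    """Pad the CEK with fresh randomness, then apply the RSA public operation."""
    em = eme_pkcs1_v15_encode(cek, K)
    return pow(int.from_bytes(em, "big"), E, N).to_bytes(K, "big")

def rsa15_decrypt(encrypted_key: bytes) -> bytes:
    """Toy decoder for the demo; it is not constant-time, so not a production unwrap."""
    em = pow(int.from_bytes(encrypted_key, "big"), D, N).to_bytes(K, "big")
    sep = em.find(b"\x00", 2)       # first zero octet after the 0x00 0x02 prefix
    if em[:2] != b"\x00\x02" or sep < 10:   # PS must be at least 8 octets
        raise ValueError("decryption error")
    return em[sep + 1:]

def demo():
    """Encrypt one CEK twice; report (ciphertexts differ, both recover the CEK)."""
    cek = bytes(range(32))          # constructed 256-bit CEK, not the Cookbook's
    c1, c2 = rsa15_encrypt(cek), rsa15_encrypt(cek)
    same_cek = rsa15_decrypt(c1) == cek and rsa15_decrypt(c2) == cek
    return c1 != c2, same_cek

if __name__ == "__main__":
    print(demo())
```

A test vector for this algorithm can therefore be checked only by decrypting the published encrypted key and comparing the recovered CEK, not by re-encrypting and comparing bytes.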