Re: [jose] Platform Support for JWA Crypto Algorithms
Axel Nennker <ignisvulpis@gmail.com> Wed, 31 October 2012 21:15 UTC
Return-Path: <ignisvulpis@gmail.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 594F421F868B for <jose@ietfa.amsl.com>; Wed, 31 Oct 2012 14:15:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.598
X-Spam-Level:
X-Spam-Status: No, score=-3.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AfBmQ8UyYzo8 for <jose@ietfa.amsl.com>; Wed, 31 Oct 2012 14:15:53 -0700 (PDT)
Received: from mail-we0-f172.google.com (mail-we0-f172.google.com [74.125.82.172]) by ietfa.amsl.com (Postfix) with ESMTP id EA1A821F8675 for <jose@ietf.org>; Wed, 31 Oct 2012 14:15:52 -0700 (PDT)
Received: by mail-we0-f172.google.com with SMTP id u46so951745wey.31 for <jose@ietf.org>; Wed, 31 Oct 2012 14:15:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=0swRI+urtpBuw+FwktKhhhT3e9pO1c9wMng0DL/gvgI=; b=EP544N6C7Bwi+wMh0Uzsvz7FPB3tXoxH4fCTrl478aiVTC7gPNL7agDMZPWNS2z0OA bDP7aam7xy3qEoJwJ/1AQMweBRc0XS935vVfd0Tdyoft31xKcfxZXCp4dEEd2tSO7hth zJZYv6rGcw2pCIuMBQVl20AtxQ6EccKGatJp7c8Nwr1hcgiU5Ag6UNUs59+NSqtqzAOS KV+zZNlKyLaaNXpZq8n3Wq+gnpo+ar1vddxAO7CnuZtl2HyLTywljCL9LxRKw9NwwzZN /Wy/wfyNWSSfWDd5H+4LiYVKMOdN0q6CGGMzKvI9NMXlrEDsAPQ/OlO7JmVqKlSJ1K2Q PykQ==
MIME-Version: 1.0
Received: by 10.180.94.102 with SMTP id db6mr4744551wib.20.1351718152085; Wed, 31 Oct 2012 14:15:52 -0700 (PDT)
Received: by 10.216.54.130 with HTTP; Wed, 31 Oct 2012 14:15:51 -0700 (PDT)
In-Reply-To: <CALTJjxF80RCv-b=GGJo6VQnUY8JSP6QP4AAE0FrU0DwORktbjw@mail.gmail.com>
References: <4E1F6AAD24975D4BA5B168042967394366880D09@TK5EX14MBXC285.redmond.corp.microsoft.com> <CE8995AB5D178F44A2154F5C9A97CAF40252198DCF55@HE111541.emea1.cds.t-internal.com> <4E1F6AAD24975D4BA5B16804296739436688123A@TK5EX14MBXC285.redmond.corp.microsoft.com> <CE8995AB5D178F44A2154F5C9A97CAF40252199B9114@HE111541.emea1.cds.t-internal.com> <CACvaWvZaBgsBsMMLY0CXr4nAPgYkC9GqJr1Y5y9gQH_d4OWcJA@mail.gmail.com> <CALTJjxF80RCv-b=GGJo6VQnUY8JSP6QP4AAE0FrU0DwORktbjw@mail.gmail.com>
Date: Wed, 31 Oct 2012 22:15:51 +0100
Message-ID: <CAHcDwFyq+44A_NgPXKttZmeZz18vrXMw_FLWAa+1Bq61dXGnDA@mail.gmail.com>
From: Axel Nennker <ignisvulpis@gmail.com>
To: Wan-Teh Chang <wtc@google.com>
Content-Type: multipart/alternative; boundary="f46d0442720a4aa0b104cd616898"
Cc: Michael.Jones@microsoft.com, public-webcrypto@w3.org, Ryan Sleevi <sleevi@google.com>, jose@ietf.org, Axel.Nennker@telekom.de
Subject: Re: [jose] Platform Support for JWA Crypto Algorithms
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Oct 2012 21:15:54 -0000
I think we need a table with the same platform as in Mike's table that started this discussion with KDFs that actually have implementations. Specification in RFCs or blessing by NIST does not count. Implementations rule. Usage Param Name Param Val Description .NET Windows native OS X iOS Java JCA BouncyCastle Android PHP PHPSecLib Python M2Crypto PyCrypto Ruby OpenSSL node.js NSS JWE kdf CS256 Concat Key Derivation Function (KDF) NO Win7 NO NO NO NO NO NO NO NO NO NO NO JWE kdf CS384 Concat Key Derivation Function (KDF) NO Win7 NO NO NO NO NO NO NO NO NO NO NO JWE kdf CS512 Concat Key Derivation Function (KDF) NO Win7 NO NO NO NO NO NO NO NO NO NO NO Axel 2012/10/31 Wan-Teh Chang <wtc@google.com> > On Mon, Oct 29, 2012 at 4:23 PM, Ryan Sleevi <sleevi@google.com> wrote: > > > > However, as an NSS developer, I do not see your presented argument as a > > reason not to use Concat-KDF, and Concat-KDF would be more preferable, > as a > > NIST-blessed KDF, since NSS cares especially for NIST-blessed algorithms. > > I think HKDF (hash-based key derivation function) is also worth > considering. > It is specified in RFC 5869 and is also blessed by NIST in SP 800-56C. > > Wan-Teh > _______________________________________________ > jose mailing list > jose@ietf.org > https://www.ietf.org/mailman/listinfo/jose >
- [jose] Platform Support for JWA Crypto Algorithms Mike Jones
- Re: [jose] Platform Support for JWA Crypto Algori… Axel.Nennker
- Re: [jose] Platform Support for JWA Crypto Algori… Mike Jones
- Re: [jose] Platform Support for JWA Crypto Algori… Axel.Nennker
- Re: [jose] Platform Support for JWA Crypto Algori… Matt Miller (mamille2)
- Re: [jose] Platform Support for JWA Crypto Algori… Mike Jones
- Re: [jose] Platform Support for JWA Crypto Algori… Axel Nennker
- [jose] NIST Concat KDF Manger, James H
- Re: [jose] Platform Support for JWA Crypto Algori… Matt Miller (mamille2)
- Re: [jose] Platform Support for JWA Crypto Algori… Axel Nennker
- Re: [jose] Platform Support for JWA Crypto Algori… Matt Miller (mamille2)
- Re: [jose] Platform Support for JWA Crypto Algori… Wan-Teh Chang
- Re: [jose] Platform Support for JWA Crypto Algori… Axel Nennker
- Re: [jose] Platform Support for JWA Crypto Algori… Mike Jones
- Re: [jose] NIST Concat KDF Manger, James H
- Re: [jose] NIST Concat KDF Richard L. Barnes
- Re: [jose] NIST Concat KDF Michael Jones
- Re: [jose] NIST Concat KDF Manger, James H
- Re: [jose] NIST Concat KDF Michael Jones
- Re: [jose] NIST Concat KDF Richard L. Barnes