Re: [KEYPROV] Your KEYPROV Action Item
<andrea.doherty@rsa.com> Tue, 24 February 2009 19:32 UTC
Return-Path: <andrea.doherty@rsa.com>
X-Original-To: keyprov@core3.amsl.com
Delivered-To: keyprov@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 68CE828C179 for <keyprov@core3.amsl.com>; Tue, 24 Feb 2009 11:32:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[AWL=-0.001, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x4ItPJGphdQk for <keyprov@core3.amsl.com>; Tue, 24 Feb 2009 11:32:28 -0800 (PST)
Received: from mexforward.lss.emc.com (mexforward.lss.emc.com [128.222.32.20]) by core3.amsl.com (Postfix) with ESMTP id 5E5803A6826 for <keyprov@ietf.org>; Tue, 24 Feb 2009 11:32:28 -0800 (PST)
Received: from hop04-l1d11-si02.isus.emc.com (HOP04-L1D11-SI02.isus.emc.com [10.254.111.55]) by mexforward.lss.emc.com (Switch-3.2.5/Switch-3.1.7) with ESMTP id n1OJWfWF004672 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 24 Feb 2009 14:32:42 -0500 (EST)
Received: from mailhub.lss.emc.com (numailhub.lss.emc.com [10.254.144.16]) by hop04-l1d11-si02.isus.emc.com (Tablus Interceptor); Tue, 24 Feb 2009 14:32:34 -0500
Received: from corpussmtp3.corp.emc.com (corpussmtp3.corp.emc.com [10.254.64.53]) by mailhub.lss.emc.com (Switch-3.3.2/Switch-3.3.2) with ESMTP id n1OJWTQv007044; Tue, 24 Feb 2009 14:32:34 -0500
Received: from CORPUSMX10B.corp.emc.com ([128.221.14.92]) by corpussmtp3.corp.emc.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 24 Feb 2009 14:32:32 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C996B6.980CE451"
Date: Tue, 24 Feb 2009 14:32:12 -0500
Message-ID: <9ED76AB595E4944BB33D8998DE448D1104992065@CORPUSMX10B.corp.emc.com>
In-Reply-To: <007d01c99067$39682e90$0201a8c0@nsnintra.net>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Your KEYPROV Action Item
thread-index: AcmQZyljsEBNWIpJQ5Sv9DEgwYc40QGTI/2g
References: <007d01c99067$39682e90$0201a8c0@nsnintra.net>
From: andrea.doherty@rsa.com
To: Hannes.Tschofenig@gmx.net, pbaker@verisign.com
X-OriginalArrivalTime: 24 Feb 2009 19:32:32.0163 (UTC) FILETIME=[A31DE730:01C996B6]
X-EMM-EM: Active
Cc: keyprov@ietf.org
Subject: Re: [KEYPROV] Your KEYPROV Action Item
X-BeenThere: keyprov@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Provisioning of Symmetric Keys \(keyprov\)" <keyprov.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/keyprov>, <mailto:keyprov-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/keyprov>
List-Post: <mailto:keyprov@ietf.org>
List-Help: <mailto:keyprov-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/keyprov>, <mailto:keyprov-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Feb 2009 19:32:29 -0000
As per the action, Phillip and I came up with wording. Here it is: The choice of cryptographic algorithm depends on the context in light of contemporary cryptanalytics. As of the date of this publication, the RECOMMENDED key wrapping mechanisms for the DSKPP server and client are: KW-AES128 without padding Refer to http://www.w3.org/2001/04/xmlenc#kw-aes128 <http://www.w3.org/2001/04/xmlenc#kw-aes128> in [XMLENC]; this mechanism is limited to key whose size is a multiple of 8 bits KW-AES128 with padding Refer to http://www.ietf.org/internet-drafts/ <http://www.ietf.org/internet-drafts/> draft-housley-aes-key-wrap-with-pad-01.txt <http://www.ietf.org/internet-drafts/draft-housley-aes-key-wrap-with-pad -01.txt> ; this mechanism is limited to keys whose size is not a multiple of 8 bits Please note that we would like to remove mention of AES-CBC-128 since we believe the I-D referenced above will become an RFC before PSKC and DSKPP. Philip H, how does this look to you? Andrea ________________________________ From: Hannes Tschofenig [mailto:Hannes.Tschofenig@gmx.net] Sent: Monday, February 16, 2009 1:49 PM To: Doherty, Andrea; 'Hallam-Baker, Phillip' Subject: Your KEYPROV Action Item ACTION: PHB and Andrea to create paragraph to be included in both specs ACTION PH to review paragraph I have not seen a mail from you on the list.
- Re: [KEYPROV] Your KEYPROV Action Item andrea.doherty