Re: [kitten] draft-ietf-krb-wg-pkinit-alg-agility-07 Re: now that I've volunteered....

Tom Yu <tlyu@mit.edu> Tue, 31 March 2015 22:07 UTC

From: Tom Yu <tlyu@mit.edu>
To: Nico Williams <nico@cryptonector.com>
References: <alpine.GSO.1.10.1411192205490.19231@multics.mit.edu> <962591069.3713128.1427479391512.JavaMail.yahoo@mail.yahoo.com> <ldv1tkatgzr.fsf@sarnath.mit.edu> <ldva8ysrgri.fsf@sarnath.mit.edu> <CAK3OfOj8q+90XQuCNcdqesteLCpEaVsE46-jbmnr+an_cxM68A@mail.gmail.com>
Date: Tue, 31 Mar 2015 18:07:15 -0400
In-Reply-To: <CAK3OfOj8q+90XQuCNcdqesteLCpEaVsE46-jbmnr+an_cxM68A@mail.gmail.com> (Nico Williams's message of "Tue, 31 Mar 2015 17:01:19 -0500")
Message-ID: <ldvy4mcq0rw.fsf@sarnath.mit.edu>
Archived-At: <http://mailarchive.ietf.org/arch/msg/kitten/wlwrUypWpB960cjFhoG4W6g_-BY>
Cc: Kitten WG <kitten@ietf.org>
Subject: Re: [kitten] draft-ietf-krb-wg-pkinit-alg-agility-07 Re: now that I've volunteered....

Nico Williams <nico@cryptonector.com> writes:

> On Tue, Mar 31, 2015 at 4:36 PM, Tom Yu <tlyu@mit.edu> wrote:

>> We can debate whether the component identifiers for the KDF OIDs should
>> be just <hashname> or ah-<hashname>.
>
> I don't think that would be a breaking change, though in general OID
> naming changes could be.  The safe way to do this would be to leave
> compatibility values behind:
>
> id-pkinit-kdf-sha384 OBJECT IDENTIFIER ::= id-pkinit-kdf-ah-sha384
>
> But I don't care.

I was intending to indicate, e.g., { id-pkinit-kdf sha384(4) } vs
{ id-pkinit-kdf ah-sha384(4) }, not the reference identifiers for the
entire OIDs (id-pkinit-kdf-ah-sha384 vs id-pkinit-kdf-sha384).
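
The distinction above, as an added example that is not part of the original message or the draft: in ASN.1 value notation the component identifier in name(number) form is only a label, so both spellings DER-encode to the same OID. The numeric arcs for id-pkinit-kdf are an assumption (they are not given in this message), and parse_oid_value / der_encode_oid are hypothetical helper names.

```python
import re

# Assumption: the numeric arcs of id-pkinit-kdf are not stated in this
# message; the value below is assumed from the PKINIT ASN.1 module.
KNOWN_VALUES = {"id-pkinit-kdf": (1, 3, 6, 1, 5, 2, 3, 6)}

def parse_oid_value(text, known=KNOWN_VALUES):
    """Resolve OID value notation such as '{ id-pkinit-kdf sha384(4) }'."""
    m = re.fullmatch(r"\s*\{(.*)\}\s*", text, re.S)
    if not m:
        raise ValueError("not an OBJECT IDENTIFIER value")
    arcs = []
    for i, tok in enumerate(m.group(1).split()):
        named = re.fullmatch(r"([a-z][A-Za-z0-9-]*)\((\d+)\)", tok)
        if named:                        # name(number): the name is a label only
            arcs.append(int(named.group(2)))
        elif tok.isdigit():              # bare number
            arcs.append(int(tok))
        elif i == 0 and tok in known:    # leading reference to a defined value
            arcs.extend(known[tok])
        else:
            raise ValueError(f"unresolvable component: {tok}")
    return tuple(arcs)

def der_encode_oid(arcs):
    """DER-encode an OID (short-form length only, enough for this case)."""
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("invalid leading arcs")
    body = bytearray()
    for sub in (40 * arcs[0] + arcs[1], *arcs[2:]):
        chunk = [sub & 0x7F]             # base-128, low group first
        sub >>= 7
        while sub:
            chunk.append(0x80 | (sub & 0x7F))
            sub >>= 7
        body.extend(reversed(chunk))
    if len(body) > 127:
        raise ValueError("long-form length not handled here")
    return bytes([0x06, len(body)]) + bytes(body)

if __name__ == "__main__":
    for spelling in ("{ id-pkinit-kdf sha384(4) }",
                     "{ id-pkinit-kdf ah-sha384(4) }"):
        print(spelling, "->", der_encode_oid(parse_oid_value(spelling)).hex())
```

The value reference names for the entire OIDs (id-pkinit-kdf-ah-sha384 vs id-pkinit-kdf-sha384) never reach the wire either, but other ASN.1 modules refer to them by name, which is the case the compatibility assignment quoted above addresses.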