Re: draft-gaonkar-radext-erp-attrs-03

<Bernard_Aboba@hotmail.com> Thu, 13 March 2008 23:27 UTC

From: Bernard_Aboba@hotmail.com
To: "David B. Nelson" <dnelson@elbrysnetworks.com>, 'Lakshminath Dondeti' <ldondeti@qualcomm.com>
Cc: kgaonkar3@gatech.edu, vidyan@qualcomm.com, glenzorn@comcast.net, 'Charles Clancy' <clancy@cs.umd.edu>, radiusext@ops.ietf.org
Subject: Re: draft-gaonkar-radext-erp-attrs-03
Date: Thu, 13 Mar 2008 16:20:27 -0700

> There is a desire to use NIST-approved key-wrap
> algorithms for wrapping keys, and those algorithms are inappropriate for
> general-purpose data encryption.

I'm not sure why this is a problem. The encrypted attribute
container can include an algorithm field, so that it would be possible to
encrypt one bag of attributes (not keys) with one algorithm, while using
a keywrap algorithm for another bag (which represents keys).

A (perhaps silly) question:

* Are general encryption algorithms suitable for use in encrypting keys? 
The Diameter EAP application has always assumed that they were. 

* Is there a pointer to the limitations of keywrap algorithms?
 
