[secdir] Secdir review of draft-moriarty-pkcs12v1-1-03
Tina TSOU <Tina.Tsou.Zouting@huawei.com> Sat, 11 January 2014 07:44 UTC
Return-Path: <Tina.Tsou.Zouting@huawei.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C3781AD7C5; Fri, 10 Jan 2014 23:44:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.738
X-Spam-Level:
X-Spam-Status: No, score=-4.738 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.538, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id is4t_RjXldDN; Fri, 10 Jan 2014 23:43:59 -0800 (PST)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) by ietfa.amsl.com (Postfix) with ESMTP id 3B0361ACCFE; Fri, 10 Jan 2014 23:43:58 -0800 (PST)
Received: from 172.18.7.190 (EHLO lhreml203-edg.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id AZV38873; Sat, 11 Jan 2014 07:43:46 +0000 (GMT)
Received: from LHREML405-HUB.china.huawei.com (10.201.5.242) by lhreml203-edg.huawei.com (172.18.7.221) with Microsoft SMTP Server (TLS) id 14.3.158.1; Sat, 11 Jan 2014 07:43:02 +0000
Received: from SJCEML702-CHM.china.huawei.com (10.212.94.48) by lhreml405-hub.china.huawei.com (10.201.5.242) with Microsoft SMTP Server (TLS) id 14.3.158.1; Sat, 11 Jan 2014 07:43:41 +0000
Received: from SJCEML701-CHM.china.huawei.com ([169.254.3.228]) by SJCEML702-CHM.china.huawei.com ([169.254.4.68]) with mapi id 14.03.0158.001; Fri, 10 Jan 2014 23:43:32 -0800
From: Tina TSOU <Tina.Tsou.Zouting@huawei.com>
To: "Org Iesg@Ietf." <iesg@ietf.org>, "draft-moriarty-pkcs12v1-1.all@tools.ietf.org" <draft-moriarty-pkcs12v1-1.all@tools.ietf.org>, "Org Secdir@Ietf." <secdir@ietf.org>
Thread-Topic: Secdir review of draft-moriarty-pkcs12v1-1-03
Thread-Index: Ac8OoNNjmUASwqpuQRqIGLIzjfx0kA==
Date: Sat, 11 Jan 2014 07:43:32 +0000
Message-ID: <37320726-3F8C-43B8-BCBD-5C40DF1F2572@huawei.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: multipart/alternative; boundary="_000_373207263F8C43B8BCBD5C40DF1F2572huaweicom_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Subject: [secdir] Secdir review of draft-moriarty-pkcs12v1-1-03
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Jan 2014 07:44:01 -0000
Dear all, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. Most of the contents in this draft is taken directly from a published RSA document PKCS #12. In this version, nearly all the typos are corrected. I think this document is good enough for publication. In security consideration, it is suggested to follow PKCS #5 (RFC2898) to select passwords. I realize that in RFC2898 there is no discussion about how to ensure a good randomness of the salt. Therefore, I suggest to cite RFC4086. Maybe there should also be a reference to Appendix B, just to put that Appendix into perspective ... saying that RFC 4086 is the superior guide, but for integrity protection only, the method of Appendix B may be adequate. Typo: second line of Abstract (Republication) From -> (Republication) from Typo, Sec. 1.1, third from last bullet regarding SP 800-132 selection of a the -> selection of the Nit: Appendix B, Sec. B.4 passwords and salt that was given in Appendix C -> passwords and salt that is given in Appendix C Thank you, Tina
- [secdir] Secdir review of draft-moriarty-pkcs12v1… Tina TSOU
- Re: [secdir] Secdir review of draft-moriarty-pkcs… Moriarty, Kathleen