Re: [secdir] Secdir review of draft-moriarty-pkcs12v1-1-03
"Moriarty, Kathleen" <kathleen.moriarty@emc.com> Fri, 17 January 2014 18:45 UTC
Return-Path: <kathleen.moriarty@emc.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 20C901ADEA1; Fri, 17 Jan 2014 10:45:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.538
X-Spam-Level:
X-Spam-Status: No, score=-2.538 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.538, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gBCdguOspdoJ; Fri, 17 Jan 2014 10:44:58 -0800 (PST)
Received: from mailuogwdur.emc.com (mailuogwdur.emc.com [128.221.224.79]) by ietfa.amsl.com (Postfix) with ESMTP id 6D8D71AD939; Fri, 17 Jan 2014 10:44:58 -0800 (PST)
Received: from maildlpprd52.lss.emc.com (maildlpprd52.lss.emc.com [10.106.48.156]) by mailuogwprd53.lss.emc.com (Sentrion-MTA-4.3.0/Sentrion-MTA-4.3.0) with ESMTP id s0HIiZZt008112 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 17 Jan 2014 13:44:36 -0500
X-DKIM: OpenDKIM Filter v2.4.3 mailuogwprd53.lss.emc.com s0HIiZZt008112
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=emc.com; s=jan2013; t=1389984276; bh=QxJHZBMKEzLeteClehXM5ZlrA0s=; h=From:To:Date:Subject:Message-ID:References:In-Reply-To: Content-Type:MIME-Version; b=juIRcLQO7L7SRJxjLNmZHIfYOkGps2YtocZugsuYb/de46v/7jHa3XLovNJsWX5bC hk50RxMu2XwZAdMr05qmxjr8VJvmFePrgYT0Vb6jA880RYOX2o6pACFntXLsoLi1jK klYdV33lpPRpyqSKRY6Z4sfaDDkPMv5+LdpgBDY4=
X-DKIM: OpenDKIM Filter v2.4.3 mailuogwprd53.lss.emc.com s0HIiZZt008112
Received: from mailusrhubprd54.lss.emc.com (mailusrhubprd54.lss.emc.com [10.106.48.19]) by maildlpprd52.lss.emc.com (RSA Interceptor); Fri, 17 Jan 2014 13:44:19 -0500
Received: from mxhub29.corp.emc.com (mxhub29.corp.emc.com [128.222.70.169]) by mailusrhubprd54.lss.emc.com (Sentrion-MTA-4.3.0/Sentrion-MTA-4.3.0) with ESMTP id s0HIiILc009677 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Fri, 17 Jan 2014 13:44:19 -0500
Received: from mx15a.corp.emc.com ([169.254.1.107]) by mxhub29.corp.emc.com ([128.222.70.169]) with mapi; Fri, 17 Jan 2014 13:44:18 -0500
From: "Moriarty, Kathleen" <kathleen.moriarty@emc.com>
To: Tina TSOU <Tina.Tsou.Zouting@huawei.com>, "Org Iesg@Ietf." <iesg@ietf.org>, "draft-moriarty-pkcs12v1-1.all@tools.ietf.org" <draft-moriarty-pkcs12v1-1.all@tools.ietf.org>, "Org Secdir@Ietf." <secdir@ietf.org>
Date: Fri, 17 Jan 2014 13:44:17 -0500
Thread-Topic: Secdir review of draft-moriarty-pkcs12v1-1-03
Thread-Index: Ac8OoNNjmUASwqpuQRqIGLIzjfx0kAFETBSA
Message-ID: <F5063677821E3B4F81ACFB7905573F2406584BA9C0@MX15A.corp.emc.com>
References: <37320726-3F8C-43B8-BCBD-5C40DF1F2572@huawei.com>
In-Reply-To: <37320726-3F8C-43B8-BCBD-5C40DF1F2572@huawei.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_F5063677821E3B4F81ACFB7905573F2406584BA9C0MX15Acorpemcc_"
MIME-Version: 1.0
X-Sentrion-Hostname: mailusrhubprd54.lss.emc.com
X-RSA-Classifications: DLM_1, public
Subject: Re: [secdir] Secdir review of draft-moriarty-pkcs12v1-1-03
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Jan 2014 18:45:01 -0000
Hello Tina, Thank you very much for taking the time to review. I made the editorial corrections in the new version that will be posted shortly. We decided to transfer change control to the IETF in this version and will make more substantial updates to fix problems in the next version. Thank you, Kathleen From: secdir [mailto:secdir-bounces@ietf.org] On Behalf Of Tina TSOU Sent: Saturday, January 11, 2014 2:44 AM To: Org Iesg@Ietf.; draft-moriarty-pkcs12v1-1.all@tools.ietf.org; Org Secdir@Ietf. Subject: [secdir] Secdir review of draft-moriarty-pkcs12v1-1-03 Dear all, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. Most of the contents in this draft is taken directly from a published RSA document PKCS #12. In this version, nearly all the typos are corrected. I think this document is good enough for publication. In security consideration, it is suggested to follow PKCS #5 (RFC2898) to select passwords. I realize that in RFC2898 there is no discussion about how to ensure a good randomness of the salt. Therefore, I suggest to cite RFC4086. Maybe there should also be a reference to Appendix B, just to put that Appendix into perspective ... saying that RFC 4086 is the superior guide, but for integrity protection only, the method of Appendix B may be adequate. Typo: second line of Abstract (Republication) From -> (Republication) from Typo, Sec. 1.1, third from last bullet regarding SP 800-132 selection of a the -> selection of the Nit: Appendix B, Sec. B.4 passwords and salt that was given in Appendix C -> passwords and salt that is given in Appendix C Thank you, Tina
- [secdir] Secdir review of draft-moriarty-pkcs12v1… Tina TSOU
- Re: [secdir] Secdir review of draft-moriarty-pkcs… Moriarty, Kathleen