[secdir] SecDir Review of draft-krawczyk-hkdf-01.txt
Donald Eastlake <d3e3e3@gmail.com> Mon, 01 February 2010 00:04 UTC
Return-Path: <d3e3e3@gmail.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 64BDB3A67CF; Sun, 31 Jan 2010 16:04:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.669
X-Spam-Level:
X-Spam-Status: No, score=-1.669 tagged_above=-999 required=5 tests=[AWL=0.929, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cCWr0v3RgGHW; Sun, 31 Jan 2010 16:04:54 -0800 (PST)
Received: from ey-out-2122.google.com (ey-out-2122.google.com [74.125.78.26]) by core3.amsl.com (Postfix) with ESMTP id 318B93A67B6; Sun, 31 Jan 2010 16:04:54 -0800 (PST)
Received: by ey-out-2122.google.com with SMTP id 22so1057044eye.51 for <multiple recipients>; Sun, 31 Jan 2010 16:05:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:cc:content-type; bh=X8sFUf2L1KMynfEaHZgsYJSmmpn+EbgZuHs7xZMEyqU=; b=k/ap9WNG6L9BACA0mYe5uE9SwrNTmRdjDokLUn59IqsWW9lfHe8oWKOAFK+vhTRz6a tMx4OtHVyllCkmev1hpWp5RcGg8F2FQaoXlI/9OAM3aRYNmo/lg75mfFJGeFLjmSD9/u JE2QSePDpo0yFx0uY6+k20AmzGkl61xSJnvhQ=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:cc:content-type; b=d3I0A2IC9ZSZgDj9MlzIHoWeMoKyj84qPUTuVglIVfBXtWwjsl24OiZsBFi/Jl8Xxd Zi1Ln5/7KVU/Bp7llMNqoRajJS78PFlA9c9uPN3ScVo1j3bXwe5t2QE5DUFjZIx9EJDZ fmxlhC5mvO7UDEK9Soi9YCp03JRTnHX6kc/ys=
MIME-Version: 1.0
Received: by 10.216.86.131 with SMTP id w3mr2008573wee.156.1264982722690; Sun, 31 Jan 2010 16:05:22 -0800 (PST)
Date: Sun, 31 Jan 2010 19:05:22 -0500
Message-ID: <1028365c1001311605i6fdcf00cxdce48ec07a8fa61e@mail.gmail.com>
From: Donald Eastlake <d3e3e3@gmail.com>
To: pasi.eronen@nokia.com, hugo@ee.technion.ac.il, Tim Polk <tim.polk@nist.gov>
Content-Type: multipart/alternative; boundary="0016e6d7787fd54023047e7ebd9d"
Cc: iesg@ietf.org, secdir@ietf.org
Subject: [secdir] SecDir Review of draft-krawczyk-hkdf-01.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Feb 2010 00:04:55 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. Document editors and WG chairs should treat these comments just like any other last call comments. This draft specifies an HMAC key derivation function that is divided into two steps: an extract step to get a fixed length pseudo-random key from some inputs and an expand step which expands this pseudo-random key into the desired output keying material. It appears to be simple, useful, and, to my very limited cryptographic judgement, secure. Editorial: Section 2.1, page 3, "has always" -> "always has" Thanks, Donald ============================= Donald E. Eastlake 3rd +1-508-634-2066 (home) 155 Beaver Street Milford, MA 01757 USA d3e3e3@gmail.com
- [secdir] SecDir Review of draft-krawczyk-hkdf-01.… Donald Eastlake