RE: I-D ACTION:draft-ietf-smime-ecc-03.txt
FRousseau@chrysalis-its.com Wed, 07 March 2001 20:39 UTC
From: FRousseau@chrysalis-its.com
Message-ID: <918C70B01822D411A87400B0D0204DFF72F643@panda.chrysalis-its.com>
To: sblakewilson@certicom.com
Cc: ietf-smime@imc.org
Subject: RE: I-D ACTION:draft-ietf-smime-ecc-03.txt
Date: Wed, 07 Mar 2001 15:13:52 -0500
Hi Simon,

I had a quick look over this latest Internet Draft (ID) on how to use Elliptic Curve Cryptography (ECC) public-key algorithms in the Cryptographic Message Syntax (CMS) and came up with the following technical and editorial comments:

a. Sections 1, 3.2, 4.1 and 8.2, it is not clear why only the ECMQV key agreement algorithm is supported with AuthenticatedData and not also the ECDH key agreement algorithm. Although ECMQV is comparable to KEA, which can also be used with AuthenticatedData, ECDH is the analog to the X9.42 Diffie-Hellman key agreement algorithm specified in RFC 2630 and is the default algorithm with AuthenticatedData.

b. Section 1.1, although this section lists the key words used in this ID as per RFC 2119, they are in reality used quite sparsely throughout this ID.

c. Section 2.1.1, the reference to Section 7.2 for the ECDSA-Sig-Value is incorrect.

d. Sections 2.1.2 and 2.1.3, there seems to be some confusion as to whether the message digest is a bit string, an octet string or an integer. According to ANSI X9.30 Part 2, FIPS 180-1 and a 1999 draft revision of ANSI X9.62, which is only available on the ANSI X9F1 web site, the message digest is a bit string. However, according to this ID and the SECG SEC1 standard, the message digest is an octet string. Finally, according to the approved ANSI X9.62:1988 standard, the message digest magically becomes the integer "e". Which one is correct?

e. Sections 2.1.2 and 2.1.3, the ID should explain why it is making these exceptions from the ANSI X9.62 standard with the integer "e".

f. Section 2.1.2, the last sentence should be referring to Section 8.2 when mentioning the ECDSA-Sig-Value syntax.

g. Section 2.1.3, it is the integer "e'" and not "e" that is mentioned in Section 5.4.1 of ANSI X9.62.

h. Section 3.1.1, the last sentence of the second paragraph should indicate that the ECPoint represents the sending agent's ephemeral EC public key.

i. Section 3.1.1, the reference to Section 7.1 for the dhSinglePass-stdDH-sha1kdf-scheme object identifier is incorrect.

j. Sections 3.1.3 and 3.2.3 should both indicate that the "SharedData" is the DER encoding of ECC-CMS-SharedInfo from Section 8.2 similarly to Sections 3.1.2 and 3.2.2.

k. Section 3.2.1, it is not clear why the version is mentioned in this case and not under Section 3.1.1 since the value of 3 for the version is not different than CMS when using the KeyAgreeRecipientInfo.

l. Section 3.2.1, you should be referring to Section 8.2 when mentioning the ECPoint that represents the sending agent's ephemeral EC public key.

m. Section 5, why do you not refer to SEC2 instead of SEC3 when recommending elliptic curve domain parameters?

n. Section 7, as per other RFCs (e.g. RFC 2876 (KEA), RFC 2984 (CAST), RFC 3058 (IDEA)), it would be very useful to include some specific DER encoding of the SMIMECapability (e.g. ECDSA, ECDH with Triple DES wrapping).

o. Section 8.2, when referring to ANSI X9.63 key derivation function in the last paragraph, the ID should also be referring to the appropriate section of X9.63 that specifies this key derivation function (i.e. Section 5.6.3).

p. Section 9, although ANSI X9.62 was approved in January 1999, the official date for referring to this standard is still 1998.

q. Section 9, according to the SECG web site, SEC3 is still a draft standard and has not yet been approved.

Please feel free to contact me if you have any questions on these comments.

Cheers,

Francois
___________________________________
Francois Rousseau
Director of Standards and Conformance
Chrysalis-ITS
One Chrysalis Way
Ottawa, Ontario, CANADA, K2G 6P9
frousseau@chrysalis-its.com
Tel. (613) 723-5076 ext. 3419
http://www.chrysalis-its.com
Fax. (613) 723-5078

-----Original Message-----
From: Internet-Drafts@ietf.org [mailto:Internet-Drafts@ietf.org]
Sent: Wednesday, March 07, 2001 07:47
Cc: ietf-smime@imc.org
Subject: I-D ACTION:draft-ietf-smime-ecc-03.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the S/MIME Mail Security Working Group of the IETF.

Title     : Use of ECC Algorithms in CMS
Author(s) : D. Brown, S. Blake-Wilson, P. Lambert
Filename  : draft-ietf-smime-ecc-03.txt
Pages     : 15
Date      : 06-Mar-01

This document describes how to use Elliptic Curve Cryptography (ECC) public-key algorithms in the Cryptographic Message Syntax (CMS). The ECC algorithms support the creation of digital signatures and the exchange of keys to encrypt or authenticate content. The definition of the algorithm processing is based on the ANSI X9.62 standard and the ANSI X9.63 draft, developed by the ANSI X9F1 working group.
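
Added example (not part of the original message or of the draft): comment d asks whether the message digest is a bit string, an octet string or an integer. The Python sketch below shows that the three views of a SHA-1 digest agree under the big-endian convention, and that they diverge only when the digest is longer than the order n; for that case it assumes the leftmost-bits truncation used in later ECDSA specifications such as FIPS 186-4. Function names, the sample message and the 113-bit order are illustrative assumptions.

```python
import hashlib

def octets_to_bits(octets: bytes) -> str:
    """Octet string -> bit string, leftmost bit of each octet first."""
    return "".join(f"{o:08b}" for o in octets)

def bits_to_int(bits: str) -> int:
    """Bit string -> non-negative integer, leftmost bit most significant."""
    return int(bits, 2) if bits else 0

def digest_to_e(digest: bytes, order_bits: int) -> int:
    """Integer e for ECDSA from a digest and the bit length of the order n.

    Truncation (assumed leftmost-bits rule) is applied to the fixed-length
    bit string, not to the integer, so leading zero bits still count.
    """
    bits = octets_to_bits(digest)
    return bits_to_int(bits[:order_bits])  # no-op when the digest is shorter

def three_views(message: bytes):
    """Return (octet string, bit string, integer) for SHA-1(message)."""
    digest = hashlib.sha1(message).digest()
    bits = octets_to_bits(digest)
    return digest, bits, bits_to_int(bits)

if __name__ == "__main__":
    octets, bits, e = three_views(b"abc")      # constructed sample message
    assert e == int.from_bytes(octets, "big")  # the three views agree
    print(octets.hex(), len(bits), hex(e))
    # Order longer than the digest (for example a 163-bit n): e is the digest.
    print(hex(digest_to_e(octets, 163)))
    # Hypothetical 113-bit order: only the leftmost 113 bits are kept.
    print(hex(digest_to_e(octets, 113)))
```
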