[lamps] WGLC comments draft-ietf-lamps-cms-shakes-01

Jim Schaad <ietf@augustcellars.com> Fri, 03 August 2018 20:08 UTC

Return-Path: <ietf@augustcellars.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 078B8130DC8; Fri, 3 Aug 2018 13:08:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id phOHE94k7EST; Fri, 3 Aug 2018 13:08:25 -0700 (PDT)
Received: from mail2.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5BB0F127B92; Fri, 3 Aug 2018 13:08:22 -0700 (PDT)
Received: from Jude (73.180.8.170) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Fri, 3 Aug 2018 13:04:39 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: <draft-ietf-lamps-cms-shakes@ietf.org>
CC: <spasm@ietf.org>
Date: Fri, 3 Aug 2018 13:08:15 -0700
Message-ID: <00be01d42b65$b8452ee0$28cf8ca0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Content-Language: en-us
Thread-Index: AdQrYfbRVkTwsnqsQNmaLQLHacjs/A==
X-Originating-IP: [73.180.8.170]
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/QHmx93uRHR3257o5GR2X5YqsYyI>
Subject: [lamps] WGLC comments draft-ietf-lamps-cms-shakes-01
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Aug 2018 20:08:27 -0000

Draft not ready to proceed

* See all comments about PKIX shake as many of them are relevant here.

* Reading these documents one after the other makes me somewhat sad about
the amount of duplicated text.

* Identifiers - The values of d need to be discussed as part of the OID
definition.

* Is there an issue with SHAKE128 of generating two different lengths from
the same computing instance?  Should be discussed some place.  Note that
putting this in Security Considerations paragraph 2 would be a reasonable
answer in you can tell people WHY they should not expect unrelated outputs.

* Message Digests - are the limits on the size only for CMS or do they apply
everywhere that the algorithm is used.  If it is everywhere how do we
reconcile with the usage in RSA-PSS? 

* Message Authentication Codes - Do we need to address a potential request
from some of the IOT worlds such as SUIT where they want to use KMAC, but
would be happy with a smaller authentication value?

Jim