IETF Logo Mail Archive

[lamps] Review draft-ietf-lamps-cms-mix-with-psk-00

Jim Schaad <ietf@augustcellars.com> Fri, 09 November 2018 07:05 UTC

Return-Path: <ietf@augustcellars.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D3E5130DF7; Thu, 8 Nov 2018 23:05:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Id-pXwPu5hWO; Thu, 8 Nov 2018 23:05:36 -0800 (PST)
Received: from mail2.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9612D1292AD; Thu, 8 Nov 2018 23:05:33 -0800 (PST)
Received: from Jude (31.133.136.100) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Thu, 8 Nov 2018 23:00:38 -0800
From: Jim Schaad <ietf@augustcellars.com>
To: draft-ietf-lamps-cms-mix-with-psk@ietf.org
CC: 'SPASM' <spasm@ietf.org>
Date: Fri, 09 Nov 2018 14:05:22 +0700
Message-ID: <018d01d477fa$97522760$c5f67620$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AdR34mCYkOABRO24Sau0LPVovF5YjQ==
Content-Language: en-us
X-Originating-IP: [31.133.136.100]
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/WSovhW5VdbKVsuBPkvPatq0OMs4>
Subject: [lamps] Review draft-ietf-lamps-cms-mix-with-psk-00
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Nov 2018 07:05:38 -0000

Abstract:  Needs to be re-worded " if existing syntax the does not
accommodated them."

Section 1: Needs to be re-worded "if current syntax the does not
accommodated them."
  
Section 1: Needs to be re-worded: " by mixing with a strong PSK with the
output"

Section 2 -  Which key? "generates the key"  Pushing something from the next
two sentences forward would be useful.  Not talking about generating the
ephemeral DH key.

Section 2 - you have not introduced the KDK yet and now I am creating one.
Perhaps a simple discussion on how what happens is that an additional key
wrap is inserted using ...

Section 2 - It would be nice to add a sentence where you say that you are
introducing two new management techniques to say that they are agnostic
towards the underlying key management technique.

Section 3 - I am wondering if it would make more sense to use the
KEKIdentifier structure instead of just having an octet string for the
PreSharedKeyIdentifier type?

Section 4 - This is twice that I have read this and am unclear what we are
doing.  The sentence "private key and recipient's public key to generate a
pairwise key"  From this and from information in my mind I am not completely
clear that this is the DH pairwise key or something else.

Summary:  Is it your thought that I should be able to implement this
document as written?  A the moment I do not believe that this is possible.
Do we need to define how the KDF function operates?

Jim

v2.23.0 | Report a Bug | By Email