Re: [lamps] AD review of draft-ietf-lamps-cmp-algorithms-07
Roman Danyliw <rdd@cert.org> Fri, 29 October 2021 14:52 UTC
Return-Path: <rdd@cert.org>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18A0E3A12A5 for <spasm@ietfa.amsl.com>; Fri, 29 Oct 2021 07:52:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=seicmu.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K8AS57cMgYmw for <spasm@ietfa.amsl.com>; Fri, 29 Oct 2021 07:52:45 -0700 (PDT)
Received: from USG02-CY1-obe.outbound.protection.office365.us (mail-cy1usg02on0139.outbound.protection.office365.us [23.103.209.139]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B8F1A3A12A0 for <spasm@ietf.org>; Fri, 29 Oct 2021 07:52:44 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=Iy3dRZBTqoAcZ4bZk3uTXMUHFI/iLfsg1xsflPwLni/JL4rAfqoUG8tfc/S7dkeRwZo7/53ax8GmlxxZudrJoj09yhcb0yVxkeJuidZiJx+AZo/kbg8xMg/7JdYMMnYHDh9YMyrhZLSc+eOL5aB2fG02Ac3j2oWEmIIva6jPZdLiZXqKIGBBkO/1jK+FMZv4J3xfotHl+r29F2rLanr3EZTSWtJpcgAPTx1Umn5vFFen6abluN/lejNTm/1oMZMFiTDQrKI/n42VbAbysF/kBnZYQDmhp5oG60w7x8QAEDZTP8rL19/Hskqx9ARC8XPWWJXVq73AUVb+CXn7Au+v/g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=RTMsFf5BrRDpuzcwJVklKJYBMWZ8NahC+jNIYl2m4gQ=; b=tDLjAtNX2n3Efa2G+FjYbqw6V0KumkgNeQpgrtcQZsuC6ztWOpa5nFJgOUdjcaZD5Ej4Gbcx56sb63sYUpxlWf/DR1U85x23LOBUbuJcyEJQOwY8sHiL9AIqfOWzQkxuH6gXsJAFW8LdbKQAt6NZjuMQf+lF1D/KGjmA6dnn8n3a8YRMOj8KKT6jcbSW2ZUIBeT41NyqTCPaq6zF1e0Otg4RYW0oC31Z2mAEVWmiTi+UfzmI+oriHunOC23KpAmAzHFqtW3zZj1cl3HXCyQbW79GIRKHidaIsVThGzCDX2PnA/vlugw5gr/k6z0KKvBi/ABX6OrYIW5cm44TRQ6VCw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seicmu.onmicrosoft.com; s=selector1-seicmu-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=RTMsFf5BrRDpuzcwJVklKJYBMWZ8NahC+jNIYl2m4gQ=; b=fhjlAX/wuVNH55N8+IEGEZLAHZTl1dGaz+QzKBgX7MQqTXuh1GS1/3beS/Vfmq2/bg6GtECNeLu8Bg2Tn9imjw/WNpolnxSIIX1bc3SggDiul1olsuqjI7y5stnH9TmuQK7n9TSGDSaEINQ4L3k1OuCPIfwJdLRNtjMLUaqm264=
Received: from BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:134::12) by BN1P110MB0882.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:132::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4628.18; Fri, 29 Oct 2021 14:52:38 +0000
Received: from BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM ([fe80::4463:48d1:9769:567f]) by BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM ([fe80::4463:48d1:9769:567f%6]) with mapi id 15.20.4649.015; Fri, 29 Oct 2021 14:52:38 +0000
From: Roman Danyliw <rdd@cert.org>
To: "Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com>
CC: LAMPS WG <spasm@ietf.org>
Thread-Topic: AD review of draft-ietf-lamps-cmp-algorithms-07
Thread-Index: AdfKsmHop5v82zipS+Kei9oAXI0KtQAiaocAAGW8cIA=
Date: Fri, 29 Oct 2021 14:52:38 +0000
Message-ID: <BN1P110MB0939E0472BE839285D719B8ADC879@BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM>
References: <BN1P110MB0939774B07F1FF05E5DBBC42DC849@BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM> <AM0PR10MB2418F86C7FA82F1D40F910D4FE879@AM0PR10MB2418.EURPRD10.PROD.OUTLOOK.COM>
In-Reply-To: <AM0PR10MB2418F86C7FA82F1D40F910D4FE879@AM0PR10MB2418.EURPRD10.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: siemens.com; dkim=none (message not signed) header.d=none;siemens.com; dmarc=none action=none header.from=cert.org;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 25073910-f025-42fe-e95e-08d99aebc035
x-ms-traffictypediagnostic: BN1P110MB0882:
x-microsoft-antispam-prvs: <BN1P110MB088205D90C524D6D4B47084CDC879@BN1P110MB0882.NAMP110.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:2449;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: zhE9PIoy+Cwdpo/UEwQS10t0rlf/FIbi4bCvZ36MEM2fkNQomrS+6ICcp7R01jQKgbTyxbTv6YYf/r0iAoN72CxgADrtulGj5oUEgFORnr3LHwbqJ8pJaFc3e/s7XNGhzdb7sNje90rV4SSoF7/i+cuhofnmdRM9g+fbzrF4lvNzhMr0lHCcpV2A4eQbluivELLW00q3eKpHczUkXSjmFMlqlMoXuuULY6XWckvC6YBsOlBtX0oXdesW+LzzgYmwG8bjg564yRoQuUak188qMsxApg7EXinuyBk0NqI5MtoERJdua538FCpxLuhVgL5VFiJ8g2YMTf5otMqiLLyT8lRElrB9M5KIzi37u+GP66bLDNw4cWRJi1MIA34x/ja96QfMrP+BLPsFTTg47Tjg1UCs8fHHN0kNj2M7Be/3Hzl6C0N3oefbbI0TiOr673OPSCX6lFeWV8t/CT80WThy+WCHmqNkI1qBrc3SvvQz0F5KAtcleYNx2JCTOjj+6s9PK/dczssM+zweHocK+OVQ9pN6qt+e1PKHEFBkPzi8ZZ9q9WDakhYSrtC/mKoKvcQtV3c7KF44afnjct2ebKZ/DFpZN25CdX1165oA8bsLUMXmL4+/GNDCuvI73E3IZD1T
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(366004)(122000001)(2906002)(4326008)(9686003)(38100700002)(5660300002)(55016002)(52536014)(8936002)(8676002)(83380400001)(19627235002)(71200400001)(498600001)(82960400001)(66476007)(66446008)(186003)(64756008)(7696005)(6506007)(30864003)(53546011)(33656002)(6916009)(66556008)(26005)(86362001)(76116006)(38070700005)(66946007)(66574015); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: yvCSshI/HAeF+tGTveo23cqNV8GGL7vbRHrDpTCJTiZlr5BRGk9i+jQ0wPjPbLxpY+1U36yWS3HfJKsIR65WLUrKuL8b5nRKFsdFZgQcZND0dtKU7L0W7cuIVWHtBVGuknL6jcG83gdQaewQFRbBkOLijMPqsLkTxZ6iQfAv2qroOj1ziYU8w8t7RacykmvdmCaiOo0lDYpyCUw+gQojj0umoGsjiBUe6fnffTPCM1p9r07441MJ0ZbNLhV4EmtbqzQ88lqJ9+4ZryRneLeiqSMqipBHgn+IVw1vQM/r3KBxqF6qKw45HK54g05t3DFI+7SHb7kR1xM+IRD/uAAbn6rOjFyNt0bke4xI0UhL3I+iJHGmJjqkHf2oopTCVHJbGR+Yp4+6uzWwJRVM8w2za9EPn5SjO3FXD0y8iv7BkEtKqnxXK9mtJAcqrDZbmKT7Xi72YY4C8CfdvCnXYeuFay6f3H05oavb4EzYZyaxxBCv6dlf36aJgsGCF0HOIfRbGt/QWGRq5awLe/8AjhNgJzhzKsBaBGcWPu2yR+/0Y5DZ+Dj4GgZ9aSnQywPNdK6W/rY/2ohW7yPOoa7/Z8KvdCKCaIo2adPL4RCSYhNiE3I5wr8dWwqx7KBlRyAFsyUQPbKmi+GcPTRtBbIVySZnOJ4VqN+4aWEoD9piy6T+CVB68Zq2Oqu+3LGBfv8iOdjWUPxe/heKsh/ClGXyuFra/PzCz8FckS1V75mYhj4Dn+Q=
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: cert.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 25073910-f025-42fe-e95e-08d99aebc035
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Oct 2021 14:52:38.1377 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN1P110MB0882
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/cUkab0Pu28yKb30jHpJlFCVpjvA>
Subject: Re: [lamps] AD review of draft-ietf-lamps-cmp-algorithms-07
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Oct 2021 14:52:50 -0000
Hi Hendrik! > -----Original Message----- > From: Brockhaus, Hendrik <hendrik.brockhaus@siemens.com> > Sent: Friday, October 29, 2021 8:31 AM > To: Roman Danyliw <rdd@cert.org> > Cc: LAMPS WG <spasm@ietf.org> > Subject: AW: AD review of draft-ietf-lamps-cmp-algorithms-07 > > Roman > > Many thanks for your feedback. > > I am confused regarding your comments on field names vs. type names. > If you look for example at the definition of KeyAgreeRecipientInfo (RFC 5652 > Section 6.2.2): > KeyAgreeRecipientInfo ::= SEQUENCE { > version CMSVersion, -- always set to 3 > originator [0] EXPLICIT OriginatorIdentifierOrKey, > ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL, > keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, > recipientEncryptedKeys RecipientEncryptedKeys } My reading is that > keyEncryptionAlgorithm is the field name and > KeyEncryptionAlgorithmIdentifierits the type. Am I wrong? You should be confused, because I'm wrong. Sorry about that. In that syntax of "<type> <type> <type> <field name>" that is used in the document, I translated it in my head as "<field name> <field name> ... <type>". Please ignore all the various places where I called this out incorrectly in my earlier feedback. > Please find further comments below inline. > Feedback on you comment regarding Section 7 and Section 9 will come next > week. > > > -----Ursprüngliche Nachricht----- > > Von: Spasm <spasm-bounces@ietf.org> Im Auftrag von Roman Danyliw > > > > Hi! > > > > I did an AD review of draft-ietf-lamps-cmp-algorithms-07 with my > > comments below. Thanks for this work to evolve CMP. > > > > ** Section 2, 3, etc. Editorial. When listing the places where digest > > and signature algorithm identifies are found, consider if enumerating > > them as a bulleted list might be easier to read. For example: > > > > OLD > > Digest algorithm identifiers are located in the hashAlg field of > > OOBCertHash, the owf field of Challenge, PBMParameter, CertStatus, > > and DHBMParameter, and the digestAlgorithms field of SignedData and > > the digestAlgorithm field of SignerInfo. > > > > NEW > > Digest algorithm identifiers are located in: > > * hashAlg field of OOBCertHash > > * owf field of Challenge, PBMParameter, CertStatus, and DHBMParameter > > * digestAlgorithms field of SignedData > > * digestAlgorithm field of SignerInfo. > > I like this proposal and will update the draft accordingly. I also change the > paragraph on digest value locations accordingly. I did the same in other > sections, where appropriate. Thanks. > > > > ** Section 2. > > Note: Specific conventions are needed for CertStatus content in > > certConf messages when confirming certificates where the > > AlgorithmIdentifier of the certificate signature does not clearly > > imply a specific hash algorithm. In such cases the hash algorithm to > > use to build certHash should be specified, e.g., as done in > > Section 2.1 and Section 2.2 for certificates signed using EdDSA. > > > > I'm confirming my understanding of the text. Is the specific > > convention being described here the second sentence (i.e., explicitly > > specifying the hash algorithm)? I ask because "conventions" was > > plural suggesting that there was more than one. > > Good point. Doth this proposal solved your issue? > > Old: > Note: Specific conventions are needed for CertStatus content in > certConf messages when confirming certificates where the > AlgorithmIdentifier of the certificate signature does not clearly > imply a specific hash algorithm. In such cases the hash algorithm to > use to build certHash should be specified, e.g., as done in > Section 3.3 for certificates signed using EdDSA. > > New: > Note: When confirming certificates where the AlgorithmIdentifier > of the certificate signature does not clearly imply a specific hash > algorithm and no specific hash algorithm is defined for usage with > this signature algorithm, as done in Section 3.3 for EdDSA, the hash > algorithm needs to indicated in the hashAlgs field of the certConf > message as specified in CMP Updates Section 2.9 > [I-D.ietf-lamps-cmp-updates]. Looks good. Thanks. > > > > ** Section 3. Editorial. s/Section 7.2,RFC/Section 7.2, RFC/ > > Yes, thanks > > > > > ** Section 3.1. Editorial. > > OLD > > The algorithm identifiers for RSASAA-PSS signatures used with SHA2 > > message digest algorithms is identified by the following OID: > > > > NEW > > The algorithm identifier for RSASAA-PSS signatures used with SHA2 > > message digest algorithms is identified by the following OID: > > I will update the draft accordingly > > > > > ** Section 3.3. Editorial. s/signature algorithm Ed25519 > > MUST/signature algorithm Ed25519 that MUST/ > > Yes, thanks > > > > > ** Section 4.1. > > > > Key agreement algorithm identifiers are located in the EnvelopedData > > RecipientInfos KeyAgreeRecipientInfo keyEncryptionAlgorithm fields. > > > > -- "keyEncryptionAlgorithm" is the type, the field name is > > "KeyEncryptionAlgorithmIdentifier" per Section 6.2.1 of RFC5652. It > > should likely read "... KeyAgreeRecipientInfo > KeyEncryptionAlgorithmIdentifier". > > Section 4.1 addresses key agreement. Therefore RFC 5652 Section 6.2.2 applies. > > RFC 5652 Section 6.2.2 defines: > KeyAgreeRecipientInfo ::= SEQUENCE { > version CMSVersion, -- always set to 3 > originator [0] EXPLICIT OriginatorIdentifierOrKey, > ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL, > keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, > recipientEncryptedKeys RecipientEncryptedKeys } > > Isn't keyEncryptionAlgorithm the field name? > > > > > -- why is "fields" plural? Isn't the cardinality here a single field? > > Yes, it should be "field". > > > > > -- I'm mentioning it here but it applies to the other uses, using > > spaces to convey the nested CMS structure is confusing. > > I propose to use '-' instead of a space in case such structure is required. While > switching to the bulleted lists I removed the nested structure. Above looks fine. Thanks. > > > > ** Section 4.1. Checking my understanding, is it accurate that both > > the key agreement algorithm identifiers and the key encryption > > algorithm identifiers are going to the same place in EnvelopedData? > > Thanks for spotting this. This points at a confusion on my side. This needs to be > changed in Lightweight CMP Profile Section 4.1.6.1 as well. > > Looking at RFC 5753 Section 3.1.1 I understand now, that the key agreement > algorithm OID is located in keyEncryptionAlgorithm and the key-wrap algorithm > OID is located in the parameters field of the key agreement algorithm OID, e.g., > a PARAMS field (see RFC 5753 A.3). > > RFC 5753 Section 3.1.1 > - keyEncryptionAlgorithm MUST contain the object identifier of the > key-encryption algorithm, which in this case is a key agreement > algorithm (see Section 7.1.4). The parameters field contains > KeyWrapAlgorithm. The KeyWrapAlgorithm is the algorithm > identifier that indicates the symmetric encryption algorithm used > to encrypt the content-encryption key (CEK) with the key- > encryption key (KEK) and any associated parameters (see Section > 7.1.5). Algorithm requirements are found in Section 8. > > RFC 5753 Appendix A.2 > kaa-dhSinglePass-stdDH-sha224kdf-scheme KEY-AGREE ::= { > IDENTIFIER dhSinglePass-stdDH-sha224kdf-scheme > PARAMS TYPE KeyWrapAlgorithm ARE required > UKM -- TYPE unencoded data -- ARE preferredPresent > SMIME-CAPS cap-kaa-dhSinglePass-stdDH-sha224kdf-scheme > } Glad we caught that. > > > > ** Section 4.1. > > Wrapped content-encryption keys are located in the EnvelopedData > > RecipientInfos KeyAgreeRecipientInfo RecipientEncryptedKeys > > encryptedKey field. > > > > -- "encryptedKey" is also a type. It should likely be "EncryptedKey" > > per Section > > 6.2.2 of RFC5652. > > RFC 5652 Section 6.2.2 defines > RecipientEncryptedKey ::= SEQUENCE { > rid KeyAgreeRecipientIdentifier, > encryptedKey EncryptedKey } > > Isn't encryptedKey the field name? > > > > > -- My ASN.1 reading always needs help. Should it be "... > > RecipientEncryptedKeys RecipientEncryptedKey EncryptedKey" or > > "RecipientEncryptedKeys EncryptedKey"? Same thing would apply to > > "RecipientInfos" and "RecipientInfo". > > I propose updating Section 4.1 as follows: > Old: > Key agreement algorithm identifiers are located in the EnvelopedData > RecipientInfos KeyAgreeRecipientInfo keyEncryptionAlgorithm fields. > > Key encryption algorithm identifiers are located in the EnvelopedData > RecipientInfos KeyAgreeRecipientInfo keyEncryptionAlgorithm field. > > Wrapped content-encryption keys are located in the EnvelopedData > RecipientInfos KeyAgreeRecipientInfo RecipientEncryptedKeys > encryptedKey field. > > New: > Key agreement algorithm identifiers are located in: > * keyEncryptionAlgorithm field of KeyAgreeRecipientInfo > > Key wrap algorithm identifiers are located in: > * KeyWrapAlgorithm parameters within keyEncryptionAlgorithm field of > KeyAgreeRecipientInfo > > Wrapped content-encryption keys are located in: > * encryptedKey field of RecipientEncryptedKeys Looks good. Thanks. > > > > ** Section 4.2. > > Key transport algorithm identifiers are located in the EnvelopedData > > RecipientInfos KeyTransRecipientInfo keyEncryptionAlgorithm field. > > > > Similar to Section 4.1, keyEncryptionAlgorithm is the type. It likely > > should be KeyEncryptionAlgorithmIdentifier per Section 6.2.1 of > > RFC5652 > > RFC 5652 Section 6.2.1 defines: > KeyTransRecipientInfo ::= SEQUENCE { > version CMSVersion, -- always set to 0 or 2 > rid RecipientIdentifier, > keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, > encryptedKey EncryptedKey } > > Isn't keyEncryptionAlgorithm the field name? > > > > > ** Section 4.2 > > Key transport encrypted content-encryption keys are located in the > > EnvelopedData RecipientInfos KeyTransRecipientInfo encryptedKey > > Field. > > > > Similar to Section 4.1, encryptedKey is the type. It likely should be > > EncryptedKey per Section 6.2.1 of RFC5652. > > RFC 5652 Section 6.2.1 defines: > KeyTransRecipientInfo ::= SEQUENCE { > version CMSVersion, -- always set to 0 or 2 > rid RecipientIdentifier, > keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, > encryptedKey EncryptedKey } > > Isn't encryptedKey the field name? > > > > > ** Section 4.3. As before, > > s/keyEncryptionAlgorithm/KeyEncryptionAlgorithmIdentifier/ > > See above > > > > > ** Section 4.3. As before, s/encryptedKey/EncryptedKey/ > > See above > > > > > ** Section 4.4. As before, > > s/keyDerivationAlgorithm/KeyDerivationAlgorithmIdentifier/ > > RFC 5652 Section 6.2.4 defines: > PasswordRecipientInfo ::= SEQUENCE { > version CMSVersion, -- Always set to 0 > keyDerivationAlgorithm [0] KeyDerivationAlgorithmIdentifier > OPTIONAL, > keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, > encryptedKey EncryptedKey } > > Isn't keyDerivationAlgorithm the field name? > > > > > ** Section 5. Editorial. s/Section 7,RFC/Section 7, RFC/ > > Yes, thanks > > > > > ** Section 5. As before, s/ contentEncryptionAlgorithm > > /ContentEncryptionAlgorithmIdentifier/ > > > > ** Section 6. Editorial. s/Section 7,RFC/Section 7, RFC/ > > Yes, thanks > > > > > ** Section 6.1.1. Editorial. s/andAlgorithm/and Algorithm/ > > Yes, thanks Thanks for those changes above. Thanks, Roman > > > > ** Section 7. I would have benefit from a bit more clarity on the > > direction provided in this section. > > > > -- "The following criteria will help implementers choose appropriate > > algorithms for managing certificates" > > > > The bulleted list seems like only part of the criteria. As a > > non-exhaustive list, additional considerations might be the > > capabilities of the end-point (e.g., does the target deployment have > > hardware acceleration for some, are some algorithms simply out of > > reach due to available compute or expected software support); or perhaps > local policy or compliance requirements? > > > > -- "The cryptographic strength of the algorithm with the lowest security." > > > > It seems like some words are missing here. Is the intent here to > > guide the selection towards the algorithm that provides the minimum > > amount of strength relative to the needed security requirements? > > > > ** Section 7.1. The text in this section seems it should explicit say > > that it is updating RFC4210. > > > > OLD > > The following table contains definitions of algorithms used within > > > > NEW > > The following table updates the definitions of algorithms used within > > > > ** Section 7.1. If an algorithm is listed in the "Change from 4210" > > column, should it be considered the equivalent of being added to the > > "other" column (per Appendix D.2 of RFC4210? If so, please be explicit about > that. > > > > ** Section 7.1. Table 1. > > > > -- What does it mean for PasswordBasedMac to be in both the Mandatory > > and > > Change-from-4210 column for the MSG_MAC_ALG row? It was already the > > MTI in RFC4210. Same question and situation with D-H for the > PROT_ENC_ALG row. > > > > -- Should 3-DES be considered "other" in MSG_MAC_ALG and > PROT_SYM_ALG? > > > > -- Editorial. In PROT_SYM_ALG and SYM_PENC_ALG, the "3-DES > > (3-key-EDE), CBC Mode" should read "3-DES (3-key-EDE, CBC mode)" per the > text in RFC4210. > > > > ** Section 9. Can a reference be added for the theoretical weakness > > in PasswordBasedMac? > > > > ** Section 9. Editorially, the first paragraph ("RFC 4210 Appendix > > D.2 ...) and the two paragraphs of "In Section 7 ..." and "To keep the > > list ...", seem to be saying the same thing. Recommend a merge. > > > > ** Section 9. > > In such systems the weakened algorithms should > > be disabled from further use. > > > > Can this document make stronger recommendations about deprecating > > certain algorithms such as 3-DES SHA-1 with normative language rather > > than keeping it in the "other" category in the profiles? > > > > ** Normative References. [I-D.ietf-lamps-lightweight-cmp-profile] > > should be a normative reference given the use of normative language > > around it in Section 7.2. > > I will move the reference up > > > Hendrik
- [lamps] AD review of draft-ietf-lamps-cmp-algorit… Roman Danyliw
- Re: [lamps] AD review of draft-ietf-lamps-cmp-alg… Brockhaus, Hendrik
- Re: [lamps] AD review of draft-ietf-lamps-cmp-alg… Roman Danyliw
- Re: [lamps] AD review of draft-ietf-lamps-cmp-alg… Brockhaus, Hendrik
- Re: [lamps] AD review of draft-ietf-lamps-cmp-alg… Roman Danyliw
- Re: [lamps] AD review of draft-ietf-lamps-cmp-alg… Brockhaus, Hendrik
- Re: [lamps] AD review of draft-ietf-lamps-cmp-alg… Roman Danyliw
- Re: [lamps] AD review of draft-ietf-lamps-cmp-alg… Mike Ounsworth
- Re: [lamps] AD review of draft-ietf-lamps-cmp-alg… Brockhaus, Hendrik