W3C home > Mailing lists > Public > public-webcrypto@w3.org > October 2012

Re: Platform Support for JWA Crypto Algorithms

From: Wan-Teh Chang <wtc@google.com>
Date: Wed, 31 Oct 2012 10:00:45 -0700
Message-ID: <CALTJjxF80RCv-b=GGJo6VQnUY8JSP6QP4AAE0FrU0DwORktbjw@mail.gmail.com>
To: Ryan Sleevi <sleevi@google.com>
Cc: Axel.Nennker@telekom.de, Michael.Jones@microsoft.com, jose@ietf.org, public-webcrypto@w3.org
On Mon, Oct 29, 2012 at 4:23 PM, Ryan Sleevi <sleevi@google.com> wrote:
>
> However, as an NSS developer, I do not see your presented argument as a
> reason not to use Concat-KDF, and Concat-KDF would be more preferable, as a
> NIST-blessed KDF, since NSS cares especially for NIST-blessed algorithms.

I think HKDF (hash-based key derivation function) is also worth considering.
It is specified in RFC 5869 and is also blessed by NIST in SP 800-56C.

Wan-Teh
Received on Wednesday, 31 October 2012 17:01:19 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 31 October 2012 17:01:20 GMT