Re: FW: Renaming of HKDF-CTR to HKDF from Eric Roman on 2016-03-08 (public-webcrypto@w3.org from March 2016)

From: Eric Roman <ericroman@google.com>
Date: Tue, 8 Mar 2016 14:20:27 -0800
To: Jim Schaad <ietf@augustcellars.com>
Cc: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Message-ID: <CAFswn4maW0ndSxwAX=fEVa9w4jLswwFZBHnUirJXCPAz5FQn4g@mail.gmail.com>

On Mon, Mar 7, 2016 at 5:56 PM, Jim Schaad <ietf@augustcellars.com> wrote:

>
>
> > -----Original Message-----
> > From: Jim Schaad [mailto:ietf@augustcellars.com]
> > Sent: Monday, March 07, 2016 4:46 PM
> > To: 'public-webcrypto@w3.org' <public-webcrypto@w3.org>
> > Subject: RE: Renaming of HKDF-CTR to HKDF
> >
> > For the curious, here is a set of known value tests based on both the
> edits and
> > RFC 5869
> >
> > https://github.com/jimsch/web-platform-tests/tree/HKDF
> >
> > The version of Chrome that I am running does not appear to support
> >       SHA-1
> >       Zero length salt and info
>

Can you provide some specific examples of the failures?

According to Chrome's testing it supports SHA1 and empty salt/info.
For instance these tests exercise those options:

https://code.google.com/p/chromium/codesearch#chromium/src/third_party/WebKit/LayoutTests/crypto/subtle/hkdf/deriveBits-rfc5869-test-vectors.html


> >
> > The version of Firefox that I am running fails all of the tests.
> >
> > Jim
> >
> > > -----Original Message-----
> > > From: Jim Schaad [mailto:ietf@augustcellars.com]
> > > Sent: Monday, March 07, 2016 3:35 PM
> > > To: public-webcrypto@w3.org
> > > Subject: Renaming of HKDF-CTR to HKDF
> > >
> > > I have done the pull request that I promised on today's conference
> > > call. It can be found at:
> > > https://github.com/w3c/webcrypto/pull/16
> > >
> > > I believe that this correspond to what Rob said that Mozilla has
> implemented.
> > > Please review and comment on the field names.
> > >
> > > Additional issues that can be addressed here:
> > >
> > > 1.  HKDF allows for salt to be optional, there is a bug reported by
> > > Harry
> > > (https://www.w3.org/Bugs/Public/show_bug.cgi?id=27473)  which says
> > > that this may be a problem.  I do not know if this was reported for
> > > the NIST version or for the IETF version of the algorithm.  It may be
> > > that it is just fixed by switching algorithms.  If not then we can
> > > modify the text to provide default salt behavior in the algorithm
> description.
> > >
> > > 2.  I did not address the question of having an export function for
> > > KDF functions
> > > (27774) as it should be done for all of the KDF functions at the same
> time.
> > > However I would support doing this.
> > >
> > > Jim
> > >
> > >
>
>
>
>

Received on Tuesday, 8 March 2016 22:20:57 UTC