- From: Tommy Lindberg <tommy.lindberg@gmail.com>
- Date: Fri, 3 Dec 2004 18:49:22 +0000
- To: www-xkms@w3.org
The reason I have this opinion is that we have vectors for the limited use shared secret key material derivations in the spec as well as sample messages that include signatures/macs computed with keys derived in the same way, an implementor has plenty of material available to test his/her implementation without involving another party. Regards, Tommy On Fri, 03 Dec 2004 18:09:40 +0000, Guillermo Álvaro Rey <alvarorg@cs.tcd.ie> wrote: > Hi all, > > While designing tests for the test collection we couldn't agree on if the > following test (or something similar) should be included or not: > > (Similar to XKRSS-T2 but with shared secrets equivalent to "secret") A > client wishes to register five keys generated by the XKMS server (Key Names: > TestKey[1-5]). He sends registration requests to the XKMS service provider > using the following shared secrets: "SECRET", "sec ret", " sEC r E t ", > "SeCrE t" and "s ECr ET ", for key binding authentication. The shared > secrets associated to the keys in the service side will be the same used by > the client, without an explicit order as all of them will transform to > "secret". The processing mode is synchronous, and the keys are to be used > with an email address. The XKMS server returns an RSA key pair with > encrypted private key for every registration operation. The resulting set of > messages will consist of ten messages: five Register request/response pairs. > > The idea would be to check if the string conversion rules included in the > "use of limited-use shared secret data" section would guarantee > interoperability. On the other hand, Tommy suggested that this kind of test > is not an interoperability issue as the execution of the algorithm involves > only one entity. > > Does anyone have an opinion on this? :) > > Cheers, > - -Guillermo > >
Received on Friday, 3 December 2004 18:49:54 UTC