RE: Comments on 2nd try at Algorithms Section

> -----Original Message-----
> From: xml-encryption-request@w3.org
> [mailto:xml-encryption-request@w3.org]On Behalf Of Blair Dillaway
> Sent: Wednesday, June 06, 2001 3:14 PM
> To: xml-encryption@w3.org
> Subject: Comments on 2nd try at Algorithms Section
>
>
> > Just catching up on recent postings.  Here are comments on the 2nd
> > draft Algorithm section.
> >
> > Symmetric Key Wrap
> >
> > As noted earlier by Jim Schaad, the RC2 Key Wrap should be deleted.
> >
> > The remaining algorithms on the list are, however,
> problematic.  If we
> > use the CMS defined key wrap then I believe we must respecify the
> > encoding to use XML rather than ASN.1.  I am not opposed this being
> > done given the lack of standardized alternatives in this area.  We
> > also have a problem in that AES key wrap is not yet
> defined.  Would we
> > be allowed to propose a standard with a required algotihm whose
> > specification is TBD?  I don't think so.  So how to we clearly state
> > it will become required at some point in the future?
> >
> > There has been some discussion of using a key deriviation algorithm
> > based on a shared symmetric key.  I'm not opposed to this as an
> > alternative but would like to see a specific proposal based on a
> > published standard, or de-facto standard.

Blair - don't confuse key derivation and key wrap.  The CMS key derivation
algorithm uses ASN but the key wrap algorithm does not.

As a side note, I have been informed that the AES key wrap algorithm is
currently expected to be released in July.  (Of course it was originally
expected last December.)

> >
> > Regards,
> > Blair
>

jim

Received on Wednesday, 6 June 2001 18:53:28 UTC