Re: Dey Derivation Functions for DH key agreement from Joseph Reagle on 2001-10-16 (xml-encryption@w3.org from October 2001)

From: Joseph Reagle <reagle@w3.org>
Date: Tue, 16 Oct 2001 14:18:30 -0400
To: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>, "Yongge Wang" <ywang@certicom.com>, xml-encryption@w3.org, "Simon Blake-Wilson" <sblakewilson@certicom.com>
Message-Id: <20011016181831.34D50873A1@policy.w3.org>

Ok, so does anyone object to the change, (it requires a small tweak to an 
implementation)? If I don't here of any objection by week's end, I'll do 
the tweak for the next+ draft. (Last Calls are in the hopper for Thursday, 
and I don't that's enough time to get feedback and do the tweak.)

On Tuesday 16 October 2001 10:17, Donald E. Eastlake 3rd wrote:
> I don't have a problem with the suggested change.
>
> Donald
>
> From:  Joseph Reagle <reagle@w3.org>
> Organization:  W3C
> To:  "Yongge Wang" <ywang@certicom.com>, xml-encryption@w3.org
> Date:  Mon, 15 Oct 2001 16:44:44 -0400
> Cc:  "Simon Blake-Wilson" <sblakewilson@certicom.com>
> References:  <85256A9A.00510388.00@smtpmail.certicom.com>
> In-Reply-To:  <85256A9A.00510388.00@smtpmail.certicom.com>
>
> >Did anyone ever respond to your email to your satisfaction?
> >
> >Also, do you and Simon wish to continue to be listed as participants on
> > the WG roster? (I generally look if people haven't been active for the
> > last 6 months and ping them for their continued interest.)
> >
> >On Tuesday 31 July 2001 10:45, Yongge Wang wrote:
> >> Hi,
> >> I might missed some discussions on this issue. The following comments
> >> are for the "WG Working Draft 26 June 2001".
> >>
> >> In Section 5.5: Key Agreement, there are two functions:
> >>
> >> Keying Material = KM(1) | KM(2) | ...
> >> KM(counter)=DigestAlg(EncryptionAlg | ZZ | counter | Nonce | KeySize)
> >>
> >> In ANSI X9.42, ANSI X9.63, and IETF S/MIME, the first function 
> >> "Keying Material = KM(1) | KM(2) | ..."
> >> is the same. However, the second function "KM(counter)" is a little
> >> different from the ANSI and IETF
> >> one: KM(counter) = H(ZZ||counter||SharedInfo)
> >> This difference is enough to produce incompatibility with ANSI/IETF
> >> standards and currently available
> >> API packages.
> >>
> >> Is it possible to change the order of the input to KM so that it will
> >> look like:
> >>
> >> KM(counter) = DigestAlg( ZZ | counter | EncryptionAlg | Nonce |
> >> KeySize)
> >>
> >> Then one can encapsulate "EncryptionAlg | Nonce | KeySize" as the
> >> SharedInfo and pass it
> >> to the API package.
> >>
> >> Yongge
> >
> >--
> >Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
> >W3C Policy Analyst                mailto:reagle@w3.org
> >IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
> >W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

-- 
Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/

Received on Tuesday, 16 October 2001 14:19:19 UTC