W3C home > Mailing lists > Public > public-webcrypto@w3.org > November 2014

[Bug 27425] New: HKDF-CTR needs a new name

From: <bugzilla@jessica.w3.org>
Date: Tue, 25 Nov 2014 10:19:48 +0000
To: public-webcrypto@w3.org
Message-ID: <bug-27425-7213@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=27425

            Bug ID: 27425
           Summary: HKDF-CTR needs a new name
           Product: Web Cryptography
           Version: unspecified
          Hardware: PC
                OS: All
            Status: NEW
          Severity: blocker
          Priority: P2
         Component: Web Cryptography API Document
          Assignee: sleevi@google.com
          Reporter: sleevi@google.com
                CC: ietf@augustcellars.com, public-webcrypto@w3.org,
                    vijaybh@microsoft.com, watsonm@netflix.com

The resolution for Bug 24838 attempted to resolve the inconsistencies in
HKDF-CTR by formalizing on SP 800-108, rather than RFC 5869.

However, this failed to capture several points from the discussion, and now
this creates a real risk of incompatibilities:

1) HKDF as a name specifically refers to RFC 5869.
  - Jim raised this point during the discussion, and Vijay agreed to this in
http://lists.w3.org/Archives/Public/public-webcrypto/2014Feb/0181.html
2) RFC 5869 and SP 800-108 are incompatible
3) Our specification does not impose limitations on how Label is encoded,
creating opportunities for a Null-Byte to be encoded in the Label and thus
confused with context (see
http://lists.w3.org/Archives/Public/public-webcrypto/2014Feb/0186.html for
discussion)

I think this is a spec blocker, because if there are any implementations of
this function using the HKDF-CTR name, we will create real risks of
incompatibilities with "other" HKDF implementations.

Suggestion:
1) Introduce HKDF as an algorithm based on RFC 5869
2) Rename the existing HKDF-CTR algorithm name to SP800-108
  2.a) Clarify the existing ambiguities (with suitable review)

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Received on Tuesday, 25 November 2014 10:19:49 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:17:25 UTC