Re: [webrtc-pc] Issue 1: Key shortening

You are correct, I see your point now.

> Applications that use keys longer than B bytes will first hash the key using H and then use the
   resultant L byte string as the actual key to HMAC.

SHA1 block size is 512 bit (B=64 byte), and so the key shortening is not needed for a key that has only 256 bit length (or even 512 bit), because it is shorter than the Block size of SHA1 (512bit). (according the sentence above RFC2104 )

The stun-bis actual agility plan use SHA1 and SHA-256 algorithms.
AFAIU actually no key shortening is needed according RFC2104.

I agree that there is a conflict between RFC 7635 Appendix B, and RFC2104.

Open an errata about it?

GitHub Notification of comment by misi
Please view or discuss this issue at using your GitHub account

Received on Tuesday, 23 May 2017 08:38:41 UTC