Re: Appendix C from Jose Kahan on 2004-10-12 (www-xkms@w3.org from October 2004)

From: Jose Kahan <jose.kahan@w3.org>
Date: Tue, 12 Oct 2004 14:47:52 +0200
To: tommy lindberg <lindberg_tommy@hotmail.com>
Cc: www-xkms@w3.org
Message-ID: <20041012124752.GC1486@inrialpes.fr>
Hi Tommy,

This is just a confirmation message for closing the decision cycle.

The comments you reported[1] was assigned issue 314-tl-1[1].

The proposed changes were accepted and added to the editor's draft.
Please reply to this message if you have any objections as to the
way the changes were incorporated.

[1] http://lists.w3.org/Archives/Public/www-xkms/2004Apr/0004.html
[2] http://www.w3.org/2001/XKMS/Drafts/cr-issues/issues.html#314-tl-1

-jose

On Thu, Apr 08, 2004 at 05:44:07PM +0000, tommy lindberg wrote:
> 
> There is another error in Section C.2.2 that  I missed:
> 
> This line:
> Base 64 Encoding of Pass Phrase Stage 1
>    PHx8li2SUhrJv2e1DyeWbGbD6rs=
> 
> should read:
> Base 64 Encoding of Pass Phrase Stage 1
>    8GYiVK8zBD5E0q9Rq2Y/Gci0Zpo=
> 
> Tommy
> 
> 
> >From: "tommy lindberg" <lindberg_tommy@hotmail.com>
> >To: www-xkms@w3.org
> >Subject: Appendix C
> >Date: Wed, 07 Apr 2004 10:25:41 +0000
> >
> >
> >Appendix C of the XKMS Vesion 2 Candidate Recommendation, entitled Sample 
> >Protocol Exchanges, contains examples of key derivations, some of which 
> >appear not to be accurate.  I enclose my suggested corrections below.
> >
> >Section 8.1 (Use of Limited-Use Shared Secret Data) says that "All space 
> >and control characters are removed." Given sections C.1.2 and C.1.3, this 
> >suggests that a hyphen is a control character. For
> >the sake of clarity I propose using "punctuation characters" instead of or 
> >in addition to "control characters".
> >
> >Also, it might be more appropriate to call the derived quantities "Secret 
> >Keys" as opposed to "Private Keys".
> >
> >
> >C.1.2 Bob Registration Authentication Key
> >Authentication Data
> >3N9CJ-JK4JK-S04JF-W0934-JSR09-JWIK4
> >Converted Authentication Data
> >[33][6e][39][63][6a][6a][6b][34] [6a][6b][73][30][34][6a][66][77] 
> >[30][39][33][34][6a][73][72][30]
> >[39][6a][77][69][6b][34]
> >Key = HMAC-SHA1 (Converted Authentication Data, 0x1)
> >[92][33][7c][7c][3e][8d][3b][7a] [cf][11][59][89][36][64][56][69] 
> >[95][4f][8f][d7]
> >
> >
> >C.1.3 Bob Registration Private Key Encryption
> >Authentication Data
> >3N9CJ-K4JKS-04JWF-0934J-SR09JW-IK4
> >Converted Authentication Data
> >[33][6e][39][63][6a][6b][34][6a] [6b][73][30][34][6a][77][66][30] 
> >[39][33][34][6a][73][72][30][39] [6a][77][69][6b][34]
> >First Block = HMAC-SHA1 (Converted Authentication Data, 0x4)
> >[78][f1][e7][b1][b3][fd][0c][bc] [96][04][e7][01][4f][33][78][d3] 
> >[0b][c8][5f][bd]
> >Key = First Block XOR 0x4
> >[7c][f1][e7][b1][b3][fd][0c][bc] [96][04][e7][01][4f][33][78][d3] 
> >[0b][c8][5f][bd]
> >Second Block = HMAC-SHA1 (Converted Authentication Data, Key)
> >[1e][7f][e1][b0][ab][d0][f8][09] [2e][28][f3][9d][14][a8][d0][83] 
> >[2e][ab][ea][22]
> >Final Private Key
> >[78][f1][e7][b1][b3][fd][0c][bc] [96][04][e7][01][4f][33][78][d3] 
> >[0b][c8][5f][bd][1e][7f][e1][b0]
> >
> >
> >C.1.4 Bob Recovery Private Key Encryption
> >Authentication Data
> >A8YUT vuhhu c9h29 8y43u h9j3i 23
> >Converted Authentication Data
> >[61][38][79][75][74][76][75][68] [68][75][63][39][68][32][39][38] 
> >[79][34][33][75][68][39][6a][33] [69][32][33]
> >Private Key
> >[91][8c][67][d8][bc][16][78][86] [dd][6d][39][19][91][c4][49][6f] 
> >[14][e2][61][33][6c][15][06][7b]
> >
> >
> >C.2.1 Alice Pass Phrase Computation
> >
> >The values are correct, but the lines
> >Pass Phrase Pass 1 HMAC-SHA1 (Converted Authentication Data, 0x1)
> >Pass Phrase Pass 2 = HMAC-SHA1 (Pass Phrase Pass 1 , 0x2
> >
> >should read
> >Pass Phrase Pass 1 HMAC-SHA1 (Converted Authentication Data, 0x2)
> >Pass Phrase Pass 2 = HMAC-SHA1 (Pass Phrase Pass 1 , 0x3)
> >
> >
> >C.2.2 Bob Pass Phrase Computation
> >
> >The values are correct, but the lines
> >Pass Phrase Pass 1 HMAC-SHA1 (Converted Authentication Data, 0x1)
> >Pass Phrase Pass 2 = HMAC-SHA1 (Pass Phrase Pass 1 , 0x2
> >
> >should read
> >Pass Phrase Pass 1 HMAC-SHA1 (Converted Authentication Data, 0x2)
> >Pass Phrase Pass 2 = HMAC-SHA1 (Pass Phrase Pass 1 , 0x3)
> >
> >
> >Regards
> >Tommy
> >
> >_________________________________________________________________
> >Protect your PC - get McAfee.com VirusScan Online 
> >http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
> >
> 
> _________________________________________________________________
> Tired of spam? Get advanced junk mail protection with MSN 8. 
> http://join.msn.com/?page=features/junkmail
>
Received on Tuesday, 12 October 2004 12:48:25 UTC