Re: Appendix C from Jose Kahan on 2004-10-12 (www-xkms@w3.org from October 2004)

From: Jose Kahan <jose.kahan@w3.org>
Date: Tue, 12 Oct 2004 14:41:32 +0200
To: tommy lindberg <lindberg_tommy@hotmail.com>
Cc: www-xkms@w3.org
Message-ID: <20041012124132.GB1486@inrialpes.fr>
Hi Tommy,

This is just a confirmation message for closing the decision cycle.

The comments you reported[1] were assigned issues 313-tl-1[1] and
313-tl-2[2].

The proposed changes were accepted and added to the editor's draft.
Please reply to this message if you have any objections as to the
way the changes were incorporated.

[1] http://lists.w3.org/Archives/Public/www-xkms/2004Apr/0003.html
[2] http://www.w3.org/2001/XKMS/Drafts/cr-issues/issues.html#313-tl-1
[3] http://www.w3.org/2001/XKMS/Drafts/cr-issues/issues.html#313-tl-2

-jose

On Wed, Apr 07, 2004 at 10:25:41AM +0000, tommy lindberg wrote:
> 
> Appendix C of the XKMS Vesion 2 Candidate Recommendation, entitled Sample 
> Protocol Exchanges, contains examples of key derivations, some of which 
> appear not to be accurate.  I enclose my suggested corrections below.
> 
> Section 8.1 (Use of Limited-Use Shared Secret Data) says that "All space 
> and control characters are removed." Given sections C.1.2 and C.1.3, this 
> suggests that a hyphen is a control character. For
> the sake of clarity I propose using "punctuation characters" instead of or 
> in addition to "control characters".
> 
> Also, it might be more appropriate to call the derived quantities "Secret 
> Keys" as opposed to "Private Keys".
> 
> 
> C.1.2 Bob Registration Authentication Key
> Authentication Data
> 3N9CJ-JK4JK-S04JF-W0934-JSR09-JWIK4
> Converted Authentication Data
> [33][6e][39][63][6a][6a][6b][34] [6a][6b][73][30][34][6a][66][77] 
> [30][39][33][34][6a][73][72][30]
> [39][6a][77][69][6b][34]
> Key = HMAC-SHA1 (Converted Authentication Data, 0x1)
> [92][33][7c][7c][3e][8d][3b][7a] [cf][11][59][89][36][64][56][69] 
> [95][4f][8f][d7]
> 
> 
> C.1.3 Bob Registration Private Key Encryption
> Authentication Data
> 3N9CJ-K4JKS-04JWF-0934J-SR09JW-IK4
> Converted Authentication Data
> [33][6e][39][63][6a][6b][34][6a] [6b][73][30][34][6a][77][66][30] 
> [39][33][34][6a][73][72][30][39] [6a][77][69][6b][34]
> First Block = HMAC-SHA1 (Converted Authentication Data, 0x4)
> [78][f1][e7][b1][b3][fd][0c][bc] [96][04][e7][01][4f][33][78][d3] 
> [0b][c8][5f][bd]
> Key = First Block XOR 0x4
> [7c][f1][e7][b1][b3][fd][0c][bc] [96][04][e7][01][4f][33][78][d3] 
> [0b][c8][5f][bd]
> Second Block = HMAC-SHA1 (Converted Authentication Data, Key)
> [1e][7f][e1][b0][ab][d0][f8][09] [2e][28][f3][9d][14][a8][d0][83] 
> [2e][ab][ea][22]
> Final Private Key
> [78][f1][e7][b1][b3][fd][0c][bc] [96][04][e7][01][4f][33][78][d3] 
> [0b][c8][5f][bd][1e][7f][e1][b0]
> 
> 
> C.1.4 Bob Recovery Private Key Encryption
> Authentication Data
> A8YUT vuhhu c9h29 8y43u h9j3i 23
> Converted Authentication Data
> [61][38][79][75][74][76][75][68] [68][75][63][39][68][32][39][38] 
> [79][34][33][75][68][39][6a][33] [69][32][33]
> Private Key
> [91][8c][67][d8][bc][16][78][86] [dd][6d][39][19][91][c4][49][6f] 
> [14][e2][61][33][6c][15][06][7b]
> 
> 
> C.2.1 Alice Pass Phrase Computation
> 
> The values are correct, but the lines
> Pass Phrase Pass 1 HMAC-SHA1 (Converted Authentication Data, 0x1)
> Pass Phrase Pass 2 = HMAC-SHA1 (Pass Phrase Pass 1 , 0x2
> 
> should read
> Pass Phrase Pass 1 HMAC-SHA1 (Converted Authentication Data, 0x2)
> Pass Phrase Pass 2 = HMAC-SHA1 (Pass Phrase Pass 1 , 0x3)
> 
> 
> C.2.2 Bob Pass Phrase Computation
> 
> The values are correct, but the lines
> Pass Phrase Pass 1 HMAC-SHA1 (Converted Authentication Data, 0x1)
> Pass Phrase Pass 2 = HMAC-SHA1 (Pass Phrase Pass 1 , 0x2
> 
> should read
> Pass Phrase Pass 1 HMAC-SHA1 (Converted Authentication Data, 0x2)
> Pass Phrase Pass 2 = HMAC-SHA1 (Pass Phrase Pass 1 , 0x3)
Received on Tuesday, 12 October 2004 12:57:28 UTC