- From: Donald E. Eastlake 3rd <dee3@torque.pothole.com>
- Date: Tue, 08 Jan 2002 23:53:45 -0500
- To: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
- cc: Eastlake III Donald-LDE008 <Donald.Eastlake@motorola.com>, "'reagle@w3.org'" <reagle@w3.org>, xml-encryption@w3.org
Sure, it is possible to NOT RECOMMEND things. But the AES Key Wrap documentation emphasizes that you might have other information being wrapped in addition to the key. So I would prefer to add text pointing out that wrapping more key bits than you have bits in the key wrapping key reduces the security of your system (unless the wrapped key is later superencrypted or something). Donald From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de> Date: Tue, 08 Jan 2002 09:55:16 +0100 To: Eastlake III Donald-LDE008 <Donald.Eastlake@motorola.com>, "'reagle@w3.org'" <reagle@w3.org> Cc: xml-encryption@w3.org Message-ID: <1166401719.1010483716@pinkpanther> In-Reply-To: <1DE737930E15D511B64400D0B76FE26201A5BCB5@ma07exm01.corp.isg.mot.com> >Hi Donald, > >is it possible to "NOT RECOMMEND" things? > > >KEK size Wrapped key size Requirement >128 128 REQUIRED >128 >128 NOT RECOMMENDED > >192 128 OPTIONAL >192 Other OPTIONAL >192 192 OPTIONAL >192 >192 NOT RECOMMENDED > >256 128 RECOMMENDED >256 Other OPTIONAL >256 256 REQUIRED >256 >256 NOT RECOMMENDED >
Received on Tuesday, 8 January 2002 23:56:38 UTC