Re: AES Key Wrap Section from Donald E. Eastlake 3rd on 2002-01-09 (xml-encryption@w3.org from January 2002)

From: Donald E. Eastlake 3rd <dee3@torque.pothole.com>
Date: Tue, 08 Jan 2002 23:53:45 -0500
To: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
cc: Eastlake III Donald-LDE008 <Donald.Eastlake@motorola.com>, "'reagle@w3.org'" <reagle@w3.org>, xml-encryption@w3.org
Message-Id: <200201090453.XAA0000092480@torque.pothole.com>

Sure, it is possible to NOT RECOMMEND things. But the AES Key Wrap
documentation emphasizes that you might have other information being
wrapped in addition to the key. So I would prefer to add text pointing
out that wrapping more key bits than you have bits in the key wrapping
key reduces the security of your system (unless the wrapped key is
later superencrypted or something).

Donald

From:  Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
Date:  Tue, 08 Jan 2002 09:55:16 +0100
To:  Eastlake III Donald-LDE008 <Donald.Eastlake@motorola.com>,
            "'reagle@w3.org'" <reagle@w3.org>
Cc:  xml-encryption@w3.org
Message-ID:  <1166401719.1010483716@pinkpanther>
In-Reply-To:  <1DE737930E15D511B64400D0B76FE26201A5BCB5@ma07exm01.corp.isg.mot.com>

>Hi Donald,
>
>is it possible to "NOT RECOMMEND" things?
>
>
>KEK size   Wrapped key size  Requirement
>128          128             REQUIRED
>128          >128            NOT RECOMMENDED
>
>192          128             OPTIONAL
>192          Other           OPTIONAL
>192          192             OPTIONAL
>192          >192            NOT RECOMMENDED
>
>256          128             RECOMMENDED
>256          Other           OPTIONAL
>256          256             REQUIRED
>256          >256            NOT RECOMMENDED
>

Received on Tuesday, 8 January 2002 23:56:38 UTC