Re: [KEYPROV] Updated PSKC draft
"Pei, Mingliang" <mpei@verisign.com> Thu, 16 October 2008 21:44 UTC
To: "Pei, Mingliang" <mpei@verisign.com>, Philip Hoyer <philip.hoyer@actividentity.com>, andrea.doherty@rsa.com, hannes.tschofenig@gmx.net, "Hallam-Baker, Phillip" <pbaker@verisign.com>, SMachani@DIVERSINET.COM
Cc: keyprov@ietf.org

I added two more schema adjustments in this version as follows.

1. Use xml:id in place of ID of type xs:ID per Pasi's suggestion. I agree with him that it is a better practice.

2. xmlenc schema location points to a dated version instead of the general last version. The reason for this is that the same schema should be used if some dependent namespace such as PKCS#5 XML also imports the xmlenc namespace and its schema file location.

   <xs:import namespace="http://www.w3.org/2001/04/xmlenc#"
              schemaLocation="http://www.w3.org/TR/xmlenc-core/xenc-schema.xsd"/>

   to

   <xs:import namespace="http://www.w3.org/2001/04/xmlenc#"
              schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/>

Please review.

- Ming

________________________________
From: Pei, Mingliang
Sent: Tuesday, October 07, 2008 8:44 PM
To: Philip Hoyer; andrea.doherty@rsa.com; hannes.tschofenig@gmx.net; Hallam-Baker, Phillip; SMachani@DIVERSINET.COM
Cc: keyprov@ietf.org
Subject: Updated PSKC draft

Attached please find the latest revision updated today. The changes in this revision include the following:

Main changes:

- IANA section:
  1. Added additional constraints that incorporate Pasi's suggestions and Hannes's text for HOTP as sample.
  2. Also changed for OCRA, TOTP, and SecurID-AES and SecurID-AES-Counter sections.

Minor changes:

1. Changed "This work is a joint effort by the members of OATH..." to "This work is based on earlier work by the members of OATH...".
2. "This Internet draft describes" to "This document describes"
3. PKCS#12 comparison section: remove argument about small size. Focus on explicit attribute and web service.
4. Change "Encryption Key" to "Key Encryption Key"
5. Replace "cryptomodule" with "Cryptographic Module"
6. Section 3.1.3/3.1.4, expand acronyms "SD" and "OTA"
7. Section 5.1: "keyed digest" -> "Message Authentication Code (MAC)"
8. Section 5.1: "signature" -> "signature or Message Authentication Code (MAC)"
9. Section 5.1, typo "defintion"
10. Section 5.1, the example about "Extensions" is fixed
11. Section 5.4: KeyAlgorithm is made to be mandatory.
12. Section 6.1.1: Only kw-aes128 is now set as mandatory. All the others are set as optional. Also changed to list Camellia ones in the optional list.

The list above doesn't have all the changes pointed out by Pasi. I will include the remaining changes in the next update.

- Ming

________________________________
From: Philip Hoyer [mailto:philip.hoyer@actividentity.com]
Sent: Tuesday, October 07, 2008 8:52 AM
To: andrea.doherty@rsa.com; hannes.tschofenig@gmx.net; Hallam-Baker, Phillip; SMachani@DIVERSINET.COM; Pei, Mingliang
Subject: Keyprov call minutes 7/10/08

Attendees: Andrea, Hannes, Phillip Hallam Baker, Ming, Salah

Andrea to review RSA algorithm definition

Philip Hoyer to add/review ActivIdentity algorithms

Ming to send latest revision a revision today

We are planning to have one revision to be submitted to IETF before November 3rd.

Philip Hoyer asked about SKSML and it was defined that the charter is different but Philip Hoyer to do an analysis in terms of key container and to send Arshad Noor's paper and presentation to the authors.

Ming mentioned that there are some comments from Pasi that require schema change. Agreement that they should be sent around in a separate email thread for discussion

Quick discussion about IETF. Hannes stressed that it is important that authors will be there or at least let everyone know in terms of attendance. But not repeat what happened in Dublin. Andrea will come.

________________________________
Philip Hoyer
Senior Architect - Office of CTO
ActivIdentity (UK)
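
The reason given in item 2 of the top message (one schema file for every importer of the xmlenc namespace) can be checked mechanically. The following is an added example, not part of the original message or the PSKC draft; the two sample schemas and their urn:example target namespaces are constructed for illustration.

```python
# Added example: find namespaces that a set of schemas imports from
# more than one schemaLocation. Run it only on schema files you trust.
import xml.etree.ElementTree as ET
from collections import defaultdict

XS = "{http://www.w3.org/2001/XMLSchema}"
XENC_NS = "http://www.w3.org/2001/04/xmlenc#"
# The two locations quoted in the message above.
UNDATED = "http://www.w3.org/TR/xmlenc-core/xenc-schema.xsd"
DATED = "http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"


def make_schema(target_ns, location):
    """Constructed minimal schema that imports xmlenc from `location`."""
    return (
        '<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" '
        f'targetNamespace="{target_ns}">'
        f'<xs:import namespace="{XENC_NS}" schemaLocation="{location}"/>'
        "</xs:schema>"
    )


def collect_imports(schemas):
    """Map namespace -> {schemaLocation -> [names of importing schemas]}."""
    seen = defaultdict(lambda: defaultdict(list))
    for name, text in schemas.items():
        for imp in ET.fromstring(text).iter(XS + "import"):
            ns = imp.get("namespace", "")
            # xs:anyURI values are whitespace-collapsed before comparison.
            loc = " ".join(imp.get("schemaLocation", "").split())
            seen[ns][loc].append(name)
    return seen


def conflicting_imports(schemas):
    """Return only the namespaces imported from more than one location."""
    return {
        ns: {loc: sorted(names) for loc, names in locs.items()}
        for ns, locs in collect_imports(schemas).items()
        if len(locs) > 1
    }


if __name__ == "__main__":
    # Constructed input: one schema on the undated URL, a dependent one dated.
    schemas = {
        "pskc.xsd": make_schema("urn:example:pskc", UNDATED),
        "dependent.xsd": make_schema("urn:example:dependent", DATED),
    }
    for ns, locs in conflicting_imports(schemas).items():
        print(ns, "is imported from", len(locs), "different locations:", locs)
```
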