[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [KEYPROV] New version of PSKC

To: "Philip Hoyer" <phoyer at actividentity.com>, <Hannes.Tschofenig at gmx.net>, "Phillip Hallam-Baker" <hallam at gmail.com>, "Salah Machani" <SMachani at DIVERSINET.COM>, "Sean Turner" <turners at ieca.com>
Subject: Re: [KEYPROV] New version of PSKC
From: "Pei, Mingliang" <mpei at verisign.com>
Date: Fri, 28 Aug 2009 10:21:03 -0700
Cc: Magnus Nyström <magnus at rsa.com>, "Doherty, Andrea" <adoherty at rsa.com>, KEYPROV <keyprov at ietf.org>
Delivered-to: keyprov at core3.amsl.com
In-reply-to: <5BFE9E473DBFC24CA87F18F29B3F0AC403EB7A6B at sur-corp-ex-02.corp.ad.activcard.com>
List-archive: <http://www.ietf.org/mail-archive/web/keyprov>
List-help: <mailto:keyprov-request@ietf.org?subject=help>
List-id: "Provisioning of Symmetric Keys \(keyprov\)" <keyprov.ietf.org>
List-post: <mailto:keyprov@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/keyprov>, <mailto:keyprov-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/keyprov>, <mailto:keyprov-request@ietf.org?subject=unsubscribe>
References: <5BFE9E473DBFC24CA87F18F29B3F0AC403EB7A6B at sur-corp-ex-02.corp.ad.activcard.com>
Thread-index: AcooAHlzUFYGcolgTzSpURpFcJPFOQAAo1oA
Thread-topic: New version of PSKC

Hi Philip,

Just note that the example with RSA will change every time we run a program where some random data was picked during the encryption for RSA. I have a program to verify the data. The PBE example should match with the given PBE generation parameters (salt, iteration) and IV for CBC. For the PBE example, did you use your version or the ones that I updated earlier? Could you point me to the date that I sent sample data? I will dig into where the differences are from.

- Ming

From: Philip Hoyer [mailto:phoyer at actividentity.com]
Sent: Friday, August 28, 2009 9:56 AM
To: Hannes.Tschofenig at gmx.net; Phillip Hallam-Baker; Pei, Mingliang; Salah Machani; Sean Turner
Cc: Doherty, Andrea; Magnus Nyström; KEYPROV
Subject: New version of PSKC

Ladies and Gentlemen,

Please find attached the new version of PSKC.

Changes:

incorporated all of the feedback from Andrea and Sean.
reference name change to the new DerivedKey element (moved to XMLEnc11)
Corrected AES example to include (prepend) IV inline with XMLENC spec and mentions IV handling.

I have one big problem:

The samples that Ming sent out for PBE and RSA do not match the ones in the spec.

Especially the PBE is different form the one Ming already says was corrected.

Based on the new XML Enc 1.1 spec for PBE and DerivedKeys. Are we sure we are aligned here?

This is the only thing that needs to be clarified.

Otherwise,

What do I need to do now.

Do I just submit or send to Russ and Pasi directly?

Philip

________________________________

Philip Hoyer

Senior Architect - Office of CTO

ActivIdentity (UK)

117 Waterloo Road

London SE1 8UL

Telephone: +44 (0) 20 7960 0220

Fax: +44 (0) 20 7902 1985

Private and confidential: This message and any attachments may contain

privileged / confidential information. If you are not an intended recipient,

you must not copy, distribute, discuss or take any action in reliance on it.

If you have received this communication in error, please notify the sender

and delete this message immediately.

References:
- [KEYPROV] New version of PSKC
  - From: Philip Hoyer

Prev by Date: [KEYPROV] New version of PSKC
Next by Date: Re: [KEYPROV] New version of PSKC
Previous by thread: [KEYPROV] New version of PSKC
Next by thread: Re: [KEYPROV] New version of PSKC
Index(es):
- Date
- Thread