Re: CALL FOR DISCUSSION - Do we want to specify EC in PKINIT?

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: CALL FOR DISCUSSION - Do we want to specify EC in PKINIT?

Jeffrey Hutzelman
On Monday, April 18, 2005 07:03:53 PM -0400 Jeffrey Hutzelman
<[hidden email]> wrote:

> Well, sometimes expectations can be wrong.
> I've seen a few people indicate that they would rather see this in a
> separate document, and at least one person seems to strongly prefer to
> include it in this document.

The status has not changed significantly since I wrote that document.
There was a followup from Sam relaying some comments from Russ and
reminding us of the NSA presentation in DC.

Some of the objections have been based on concerns of IPR issues, and some
have not.  There has still been only one person arguing to specify this in
the main PKINIT document.

Therefore, I am declaring that we have a rough consensus that ECDH support
should be specified in a separate document, or not at all.  To implement
this decision, the following bits need to be removed from PKINIT:

- The reference to id-ecPublicKey in section 3.1.3
- Paragraph 1(b) describing how to derive the AS reply key in the ECDH
  case, in section 3.2.3.1 (at the top of Page 17).
- The IMPORT of EcpkParameters in the ASN.1 module appendix (this was
  already not used in the module; apparently it was left over from some
  older text).


Several people have argued for moving the ECDH specification into a
separate document, and at least one said "if at all".  However, no one has
argued particularly strongly against doing the work.  So, assuming there is
someone interested in writing it up (Larry?), I think it would be
reasonable to accept this as a WG work item.  Comments?


-- Jeff


Reply | Threaded
Open this post in threaded view
|

Re: CALL FOR DISCUSSION - Do we want to specify EC in PKINIT?

Jeffrey Altman
Jeffrey Hutzelman wrote:

> Several people have argued for moving the ECDH specification into a
> separate document, and at least one said "if at all".  However, no one
> has argued particularly strongly against doing the work.  So, assuming
> there is someone interested in writing it up (Larry?), I think it would
> be reasonable to accept this as a WG work item.  Comments?
>
>
> -- Jeff

I am in favor of the work being done as a separate document.

Jeffrey Altman


smime.p7s (4K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: CALL FOR DISCUSSION - Do we want to specify EC in PKINIT?

Brian Tung
Jeffrey Altman wrote (regarding ECDH):
> I am in favor of the work being done as a separate document.

Me too.

--
Brian Tung <[hidden email]>
USC Information Sciences Institute

attachment0 (196 bytes) Download Attachment