Mališa Vučinić writes: > Thanks Tero for this feedback! Could you check if this commit takes care of > it: > > https://bitbucket.org/6tisch/draft-ietf-6tisch-minimal-security/commits/dee6cf8074f2 > > The algorithm identifier is added, it is optional and if it is not present the > IEEE802154-AES-CCM-128 algorithm is assumed. Apart from the key length, I also > added the nonce length in the description of the algorithm in the registry.
Looks good. Formatting the algorithm ids as negative numbers is bit wierd, but I assume it allows making the field optional as you can detect from the the nint that it is algorithm identifier not key usage... Other option could be to combine the key_usage and algorithm to same field, i.e., add algorithm to key_usage tables, and when AES-CCM-256 is added then double the key_usage entries to contain both possible algorithms. This might have the same problems TLS have with cipher suites, that we end up with quite large table with all possible combinations. Or we could rename key_usage to key_usage_and_algorithm and split it so that (key_usage_and_algorithm & 0x1f) is the actual key_usage, and (key_usage_and_algorithm >> 5) is the algorithm id, which would still encode key_usage_and_algorithm as one octect for first few algorithms. -- [email protected] _______________________________________________ 6tisch mailing list [email protected] https://www.ietf.org/mailman/listinfo/6tisch
