@Tero, Getting back to this, see inline.
On Thu, May 17, 2018 at 12:36 AM Tero Kivinen <[email protected]> wrote: > Mališa Vučinić writes: > > Thanks Tero for this feedback! Could you check if this commit takes care > of > > it: > > > > > https://bitbucket.org/6tisch/draft-ietf-6tisch-minimal-security/commits/dee6cf8074f2 > > > > The algorithm identifier is added, it is optional and if it is not > present the > > IEEE802154-AES-CCM-128 algorithm is assumed. Apart from the key length, > I also > > added the nonce length in the description of the algorithm in the > registry. > > Looks good. Formatting the algorithm ids as negative numbers is bit > wierd, but I assume it allows making the field optional as you can > detect from the the nint that it is algorithm identifier not key > usage... > Yes, that was the intent but see below. > > Other option could be to combine the key_usage and algorithm to same > field, i.e., add algorithm to key_usage tables, and when AES-CCM-256 > is added then double the key_usage entries to contain both possible > algorithms. This might have the same problems TLS have with cipher > suites, that we end up with quite large table with all possible > combinations. > I've just adopted this "TLS" approach: key_usage and algorithm are merged, and a new column "Algorithm" was added in the registry to explicitly state the link-layer techno / algorithm in use. I believe this is quite enough for our purposes and simplifies the CBOR decoder that needs to be implemented. We are back to integers now, and I allow both unsigned and negative in order to have larger 1-byte ranges in the registry. The changes are at: https://bitbucket.org/6tisch/draft-ietf-6tisch-minimal-security/commits/15133e113e2efaa3c42d5f844f12c28100e5f17b Could you also take a look at the "Key Usage values" table and see if you can recommend any other setting for the initial inclusion in the registry? Mališa
_______________________________________________ 6tisch mailing list [email protected] https://www.ietf.org/mailman/listinfo/6tisch
