On Mon, Oct 29, 2012 at 4:23 PM, Ryan Sleevi <[email protected]> wrote: > > However, as an NSS developer, I do not see your presented argument as a > reason not to use Concat-KDF, and Concat-KDF would be more preferable, as a > NIST-blessed KDF, since NSS cares especially for NIST-blessed algorithms.
I think HKDF (hash-based key derivation function) is also worth considering. It is specified in RFC 5869 and is also blessed by NIST in SP 800-56C. Wan-Teh _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
