#141: Section 4.7.2 Concat should have its own section

Description changed by [email protected]:
Old description:

> The Concat algorithm should be defined in its own section and should have
> all of the NIST parameters defined for it so that it can just be
> referenced by any other algorithm definition that wants to use it (for
> example ECDH-SS).
>
> This means that there are a number of things that need to be added to the
> definitions used:
>
> 1. Need to specify length prefixing on apu, apv, publicInfo and
> privateInfo
>
> 2. Need to have a nonce for the static-static case
>
> 3. Need to specify how to combine nonce into the apu field.
>
> 4. Potentially define default values for the apu and apv if not present
> and describe the restrictions that result from this. "Sender" and
> "Receiver" are good default strings. Restriction is that they need to be
> swapped if keys are being derived for both directions on a single key
> management operation (following messages would be done with direct).
>
> 5. Alg names used must have a length built into the algorithm name
>
> 6. APU and APV values MUST be distinct - fail concat if they are not.

New description:

The Concat algorithm should be defined in its own section and should have
all of the NIST parameters defined for it so that it can just be
referenced by any other algorithm definition that wants to use it (for
example ECDH-SS).

This means that there are a number of things that need to be added to the
definitions used:

1. Need to specify length prefixing on apu, apv, publicInfo and
privateInfo

2. Need to have a nonce for the static-static case

3. Need to specify how to combine nonce into the apu field.

4. Potentially define default values for the apu and apv if not present
and describe the restrictions that result from this. "Sender" and
"Receiver" are good default strings. Restriction is that they need to be
swapped if keys are being derived for both directions on a single key
management operation (following messages would be done with direct).

5. Alg names used must have a key length built into the algorithm name
and need to be string length prefixed.

6. APU and APV values MUST be distinct - fail concat if they are not.

7. Make APU and APV as parameters of concat not ECDH

8. The last paragraph in the section could either be deleted or
simplified down to just saying they are different without all of the full
detail.

--

-------------------------+-------------------------------------------------
 Reporter:               |       Owner:  draft-ietf-jose-json-web-
  [email protected]      |  [email protected]
     Type:  defect       |      Status:  new
 Priority:  major        |   Milestone:
Component:  json-web-    |     Version:
  algorithms             |  Resolution:
 Severity:  -            |    Keywords:
-------------------------+-------------------------------------------------

Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/141#comment:1>
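Items 1 and 6 of the ticket, sketched as an added example that is not part of the ticket or of the JOSE draft: a single-step Concat KDF in which the algorithm name, apu and apv are length prefixed and identical apu/apv values abort the derivation. SHA-256, the 32-bit big-endian prefix width, the use of the key length as the public info field, and all function names are assumptions made for the illustration; the shared secret is a constructed value.

```python
import hashlib
import struct


def _lp(data: bytes) -> bytes:
    """Prefix data with its length as a 32-bit big-endian integer (assumed width)."""
    return struct.pack(">I", len(data)) + data


def other_info(alg: str, apu: bytes, apv: bytes, key_bits: int, prefixed: bool = True) -> bytes:
    """AlgorithmID || PartyUInfo || PartyVInfo || key length in bits as public info."""
    wrap = _lp if prefixed else (lambda b: b)
    return wrap(alg.encode("ascii")) + wrap(apu) + wrap(apv) + struct.pack(">I", key_bits)


def concat_kdf(z: bytes, alg: str, apu: bytes, apv: bytes, key_bits: int,
               prefixed: bool = True) -> bytes:
    """Concat KDF with SHA-256: each round hashes counter || Z || OtherInfo."""
    if apu == apv:
        # Item 6 of the ticket: identical party info must fail the derivation.
        raise ValueError("apu and apv must be distinct")
    if key_bits <= 0 or key_bits % 8:
        raise ValueError("key_bits must be a positive multiple of 8")
    info = other_info(alg, apu, apv, key_bits, prefixed)
    out = b""
    counter = 1
    while len(out) * 8 < key_bits:
        out += hashlib.sha256(struct.pack(">I", counter) + z + info).digest()
        counter += 1
    return out[: key_bits // 8]


if __name__ == "__main__":
    z = bytes(range(32))  # constructed shared secret, not a real ECDH output
    # Without prefixes, ("AB", "C") and ("A", "BC") feed identical bytes to the hash.
    a = concat_kdf(z, "A128GCM", b"AB", b"C", 128, prefixed=False)
    b = concat_kdf(z, "A128GCM", b"A", b"BC", 128, prefixed=False)
    print("unprefixed keys equal:", a == b)
    a = concat_kdf(z, "A128GCM", b"AB", b"C", 128)
    b = concat_kdf(z, "A128GCM", b"A", b"BC", 128)
    print("prefixed keys equal:  ", a == b)
    # Item 4: with default strings, swapping roles yields a different key per direction.
    fwd = concat_kdf(z, "A128GCM", b"Sender", b"Receiver", 128)
    rev = concat_kdf(z, "A128GCM", b"Receiver", b"Sender", 128)
    print("directional keys equal:", fwd == rev)
```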
