Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

Diffie-Hellman Proof-of-Possession Algorithms
draft-schaad-pkix-rfc2875-bis-08

Yes

(Sean Turner)

No Objection

(Adrian Farrel)

(Barry Leiba)

(Benoît Claise)

(Brian Haberman)

(Joel Jaeggli)

(Martin Stiemerling)

(Pete Resnick)

(Robert Sparks)

(Ron Bonica)

(Russ Housley)

(Stephen Farrell)

(Stewart Bryant)

(Wesley Eddy)

Note: This ballot was opened for revision 06 and is now closed.

Sean Turner Former IESG member

Yes

Yes (for -06) Unknown

Adrian Farrel Former IESG member

No Objection

No Objection (for -06) Unknown

Barry Leiba Former IESG member

No Objection

No Objection (for -06) Unknown

Benoît Claise Former IESG member

No Objection

No Objection (for -06) Unknown

Brian Haberman Former IESG member

No Objection

No Objection (for -06) Unknown

Joel Jaeggli Former IESG member

No Objection

No Objection (for -07) Unknown

Martin Stiemerling Former IESG member

No Objection

No Objection (for -06) Unknown

Pete Resnick Former IESG member

No Objection

No Objection (for -06) Unknown

Robert Sparks Former IESG member

No Objection

No Objection (for -06) Unknown

Ron Bonica Former IESG member

No Objection

No Objection (for -06) Unknown

Russ Housley Former IESG member

(was Discuss) No Objection

No Objection (2013-02-04 for -06) Unknown

  I think that the Introduction needs to be expanded.  First, the phrase
  "producing a POP" does not make it clear that the proof is that the
  party has possession of the private key that corresponds to the public
  key in the certificate request.  Second, in some cases, a DH key can
  be used to make a DSA signature, and an ECDH key can be used to make
  an ECDSA signature.  Such an operation would provide the POP.  Such
  an operation may not be possible if the key is stored in a hardware
  device that ensures a typed key is used only with one algorithm.

  The Introduction states:
  >
  > Given the current PKIX definitions for the public key parameters of
  > elliptic curve, the number of groups is both limited and predefined.
  > This means that the probability that the same set of parameters are
  > going to be used by the key requester and the key validator are
  > significantly higher than they are in the Diffie-Hellman case.
  >
  In Static-Static Diffie-Hellman, both parties must employ the exact
  same parameters.  In Ephemeral-Static Diffie-Hellman, the sender must
  employ the parameters from the certificate of the receiver.  Thus, it
  seems to me that DH is also reduced to a well-known set of parameters.

Stephen Farrell Former IESG member

No Objection

No Objection (2013-01-22 for -06) Unknown

- Is floor(a,b) not an odd notation? Normally floor has only
one input. Is this used elsewhere? Why not just define
floor(x) and then use floor(a/b) as usual?

- It appears as if you have gotten OIDs from the PKIX arc
already, so the tense in the IANA section is wrong.

- I didn't check the ASN.1 modules, nor the examples.  Has
anyone?

Stewart Bryant Former IESG member

No Objection

No Objection (for -06) Unknown

Wesley Eddy Former IESG member

No Objection

No Objection (for -06) Unknown

Diffie-Hellman Proof-of-Possession Algorithms draft-schaad-pkix-rfc2875-bis-08

Diffie-Hellman Proof-of-Possession Algorithms
draft-schaad-pkix-rfc2875-bis-08