Sakai-Kasahara Key Encryption (SAKKE)
draft-groves-sakke-03
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2012-08-22
|
03 | (System) | post-migration administrative database adjustment to the Yes position for Sean Turner |
2012-08-22
|
03 | (System) | post-migration administrative database adjustment to the No Objection position for Russ Housley |
2011-11-14
|
03 | Cindy Morgan | State changed to RFC Ed Queue from Approved-announcement sent. |
2011-11-12
|
03 | (System) | IANA Action state changed to No IC from In Progress |
2011-11-12
|
03 | (System) | IANA Action state changed to In Progress |
2011-11-12
|
03 | Cindy Morgan | IESG state changed to Approved-announcement sent |
2011-11-12
|
03 | Cindy Morgan | IESG has approved the document |
2011-11-12
|
03 | Cindy Morgan | Closed "Approve" ballot |
2011-11-12
|
03 | Cindy Morgan | Approval announcement text regenerated |
2011-11-12
|
03 | Cindy Morgan | Ballot writeup text changed |
2011-11-12
|
03 | Sean Turner | [Ballot Position Update] Position for Sean Turner has been changed to Yes from No Objection |
2011-10-27
|
03 | (System) | New version available: draft-groves-sakke-03.txt |
2011-04-19
|
02 | (System) | New version available: draft-groves-sakke-02.txt |
2011-04-07
|
03 | Russ Housley | [Ballot comment] Please consider the comments from the Gen-ART Review by Richard Barnes on 4-Jan-2010. You can found the review at: http://www.softarmor.com/rai/temp-gen-art/ … [Ballot comment] Please consider the comments from the Gen-ART Review by Richard Barnes on 4-Jan-2010. You can found the review at: http://www.softarmor.com/rai/temp-gen-art/ draft-groves-sakke-00-barnes.txt |
2011-04-07
|
03 | Russ Housley | [Ballot discuss] The Gen-ART Review by Richard Barnes on 4-Jan-2010 raises some issues regarding integration of this algorithm into a protocol. Please tell … [Ballot discuss] The Gen-ART Review by Richard Barnes on 4-Jan-2010 raises some issues regarding integration of this algorithm into a protocol. Please tell the reader: - Which parameters are constant for the whole algorithm - Which parameters are expected to be set out of band for a given implementation - Which parameters need be negotiated in the protocol For example, the algorithm uses a hash function and an elliptic curve, but it is not clear how the communicating parties agree on them. If this document is extending RFC 5091, then it should formally update it (as in, with a line at the top), and explain in more detail its relation to RFC 5091. |
2011-04-07
|
03 | Russ Housley | [Ballot Position Update] Position for Russ Housley has been changed to No Objection from Discuss |
2011-04-05
|
03 | Sean Turner | Ballot writeup text changed |
2011-04-05
|
03 | Sean Turner | Ballot writeup text changed |
2011-03-31
|
03 | Sean Turner | [Note]: 'Tim Polk (tim.polk@nist.gov) is the shepherd.' added |
2011-03-31
|
03 | Sean Turner | State Change Notice email list has been changed to Michael.Groves@cesg.gsi.gov.uk, tim.polk@nist.gov, draft-groves-sakke@tools.ietf.org from Michael.Groves@cesg.gsi.gov.uk, draft-groves-sakke@tools.ietf.org |
2011-03-31
|
03 | Sean Turner | [NOTE] Tim Polk is the document shepherd. |
2011-03-31
|
03 | Sean Turner | Responsible AD has been changed to Sean Turner from Tim Polk |
2011-03-31
|
03 | Sean Turner | Status Date has been changed to 2011-03-31 from None |
2011-02-28
|
03 | Sean Turner | [Ballot comment] |
2011-02-28
|
03 | Sean Turner | [Ballot discuss] This is an updated discuss: #1) addressed #2) addressed #3) addressed #4) addressed #5) addressed |
2011-02-28
|
03 | Sean Turner | [Ballot Position Update] Position for Sean Turner has been changed to No Objection from Discuss |
2011-02-28
|
03 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
2011-02-28
|
01 | (System) | New version available: draft-groves-sakke-01.txt |
2011-02-03
|
03 | Cindy Morgan | Removed from agenda for telechat |
2011-02-03
|
03 | Cindy Morgan | State changed to IESG Evaluation::Revised ID Needed from IESG Evaluation. |
2011-02-03
|
03 | Dan Romascanu | [Ballot Position Update] New position, No Objection, has been recorded |
2011-02-03
|
03 | Dan Romascanu | [Ballot comment] The following non-blocking comment made by Mike Sneed in his OPS-DIR review is worth being considered: > The draft is intended for Informational … [Ballot comment] The following non-blocking comment made by Mike Sneed in his OPS-DIR review is worth being considered: > The draft is intended for Informational status. The scope is limited to description of the encryption algorithm and the key establishment algorithm. As the document is intended for Informational status, and is limited to describing an algorithm, there are no operational issues to be addressed. However, there are significant operational issues involved in the deployment of Identifier-Based encryption, eg. KMS key management, which would certainly need to be addressed if this algorithm were to be incorporated into a working system. |
2011-02-03
|
03 | Lars Eggert | [Ballot comment] It is the job of the *AD* to check conformance to idnits for AD-sponsored documents... INTRODUCTION, paragraph 10: > Copyright Notice Boilerplate … [Ballot comment] It is the job of the *AD* to check conformance to idnits for AD-sponsored documents... INTRODUCTION, paragraph 10: > Copyright Notice Boilerplate is outdated for a -00 doc that was submitted Jun 2010. INTRODUCTION, paragraph 15: > Table of Contents The document seems to lack an IANA Considerations section. |
2011-02-03
|
03 | Lars Eggert | [Ballot discuss] Section 3.2., paragraph 3: > We provide pseudocode for computing DISCUSS: Pseudocode does not contain the needed license statement for … [Ballot discuss] Section 3.2., paragraph 3: > We provide pseudocode for computing DISCUSS: Pseudocode does not contain the needed license statement for the IETF Trust. Section 7., paragraph 4: > Table 1: Comparable strengths, taken from Table 2 of [SP800-57] DISCUSS: Missing reference to [SP800-57], and it appears to be normative. |
2011-02-03
|
03 | Lars Eggert | [Ballot Position Update] New position, Discuss, has been recorded |
2011-02-03
|
03 | Gonzalo Camarillo | [Ballot Position Update] New position, No Objection, has been recorded |
2011-02-02
|
03 | Adrian Farrel | [Ballot Position Update] New position, No Objection, has been recorded |
2011-02-02
|
03 | Samuel Weiler | Request for Last Call review by SECDIR Completed. Reviewer: Derek Atkins. |
2011-02-02
|
03 | Ron Bonica | [Ballot Position Update] New position, No Objection, has been recorded |
2011-02-02
|
03 | Robert Sparks | [Ballot Position Update] New position, No Objection, has been recorded |
2011-02-02
|
03 | Stewart Bryant | [Ballot Position Update] New position, No Objection, has been recorded |
2011-02-02
|
03 | Ralph Droms | [Ballot Position Update] New position, No Objection, has been recorded |
2011-02-01
|
03 | Russ Housley | [Ballot comment] Please consider the comments from the Gen-ART Review by Richard Barnes on 4-Jan-2010. You can found the review at: http://www.softarmor.com/rai/temp-gen-art/ … [Ballot comment] Please consider the comments from the Gen-ART Review by Richard Barnes on 4-Jan-2010. You can found the review at: http://www.softarmor.com/rai/temp-gen-art/ draft-groves-sakke-00-barnes.txt |
2011-02-01
|
03 | Russ Housley | [Ballot discuss] The Gen-ART Review by Richard Barnes on 4-Jan-2010 raises some issues regarding integration of this algorithm into a protocol. Please tell … [Ballot discuss] The Gen-ART Review by Richard Barnes on 4-Jan-2010 raises some issues regarding integration of this algorithm into a protocol. Please tell the reader: - Which parameters are constant for the whole algorithm - Which parameters are expected to be set out of band for a given implementation - Which parameters need be negotiated in the protocol For example, the algorithm uses a hash function and an elliptic curve, but it is not clear how the communicating parties agree on them. If this document is extending RFC 5091, then it should formally update it (as in, with a line at the top), and explain in more detail its relation to RFC 5091. |
2011-02-01
|
03 | Russ Housley | [Ballot Position Update] New position, Discuss, has been recorded |
2011-01-31
|
03 | Sean Turner | [Ballot discuss] #1) Section 4: Has the following text: Points on E Elliptic Curve Points MUST be represented in … [Ballot discuss] #1) Section 4: Has the following text: Points on E Elliptic Curve Points MUST be represented in Uncompressed representation as defined in Section 5.5.6 of [P1363a]. For an elliptic curve point ( x , y ) with x and y in F_p, this representation is given by 0x00 || x' || y' , where x' is the octet string representing x, y' is the octet string representing y and 0x00 is a NULL octet. The representation is 2*L+1 octets in length. Please double check that it is in fact 0X00 || x' || y'. RFC 5480, SECG SEC1, and ANSI use 0x04 not 0x00 to indicate that the key is uncompressed. Also the P1363 draft I found on the web (I'm unsure whether it's final) says the following about uncompressed keys: In this representation, the octet PC shall have binary value 0000 0100 and the octet strings X and Y shall represent x' and y' respectively. #2) When specifying lg, specify the base log2, log10 etc. #3) Section 4, when defining integer the text is missing the text from groves-eccsi: There will be no need to represent negative integers. When transmitted or hashed, such octet strings MUST have length N = ceil(lg(p)/8). should it be added? #4) The introductory text in Appendix A needs to say that it uses SHA-256 and I think you need to add a reference to FIPS 180-3. #5) Needs an IANA section. Even if there's no actions, it needs one. |
2011-01-30
|
03 | Sean Turner | [Ballot discuss] This preliminary (and not yet sent to the authors). #1) Section 4: Has the following text: Points on E Elliptic Curve Points … [Ballot discuss] This preliminary (and not yet sent to the authors). #1) Section 4: Has the following text: Points on E Elliptic Curve Points MUST be represented in Uncompressed representation as defined in Section 5.5.6 of [P1363a]. For an elliptic curve point ( x , y ) with x and y in F_p, this representation is given by 0x00 || x' || y' , where x' is the octet string representing x, y' is the octet string representing y and 0x00 is a NULL octet. The representation is 2*L+1 octets in length. Please double check that it is in fact 0X00 || x' || y'. RFC 5480, SECG SEC1, and ANSI use 0x04 not 0x00 to indicate that the key is uncompressed. Also the P1363 draft I found on the web (I'm unsure whether it's final) says the following about uncompressed keys: In this representation, the octet PC shall have binary value 0000 0100 and the octet strings X and Y shall represent x' and y' respectively. #2) When specifying lg, specify the base log2, log10 etc. #3) Section 4, when defining integer the text is missing the text from groves-eccsi: There will be no need to represent negative integers. When transmitted or hashed, such octet strings MUST have length N = ceil(lg(p)/8). should it be added? #4) The introductory text in Appendix A needs to say that it uses SHA-256 and I think you need to add a reference to FIPS 180-3. #5) Needs an IANA section. |
2011-01-30
|
03 | Sean Turner | [Ballot discuss] This preliminary (and not yet sent to the authors). #1) Section 4: Has the following text: Points on E Elliptic Curve Points … [Ballot discuss] This preliminary (and not yet sent to the authors). #1) Section 4: Has the following text: Points on E Elliptic Curve Points MUST be represented in Uncompressed representation as defined in Section 5.5.6 of [P1363a]. For an elliptic curve point ( x , y ) with x and y in F_p, this representation is given by 0x00 || x' || y' , where x' is the octet string representing x, y' is the octet string representing y and 0x00 is a NULL octet. The representation is 2*L+1 octets in length. Please double check that it is in fact 0X00 || x' || y'. RFC 5480, SECG SEC1, and ANSI use 0x04 not 0x00 to indicate that the key is uncompressed. Also the P1363 draft I found on the web (I'm unsure whether it's final) says the following about uncompressed keys: In this representation, the octet PC shall have binary value 0000 0100 and the octet strings X and Y shall represent x' and y' respectively. #2) When specifying lg, specify the base log2, log10 etc. #3) Section 4, when defining integer the text is missing the text from groves-eccsi: There will be no need to represent negative integers. When transmitted or hashed, such octet strings MUST have length N = ceil(lg(p)/8). should it be added? #4) The introductory text in Appendix A needs to say that it uses SHA-256 and I think you need to add a reference to FIPS 180-3. |
2011-01-30
|
03 | Sean Turner | [Ballot comment] #1) RFC 5091 indicates it's identity based encryption not identifier based encryption. #2) Section 2.1: E: equation is groves-eccsi is y^2 = x^3 … [Ballot comment] #1) RFC 5091 indicates it's identity based encryption not identifier based encryption. #2) Section 2.1: E: equation is groves-eccsi is y^2 = x^3 - 3 * B vice y^2 = x^3 - 3 * x. Can't we use the same notation? Also isn't (modulo p) missing? #3) Notation for ceiling is different than in groves-essci. There it is ceil() here it is Ceiling(). #4) In section 4, there are two references to P1363. Is there any chance we could change the reference for the integer-to-octet-string conversion in http://datatracker.ietf.org/doc/draft-mcgrew-fundamental-ecc/ (this one is about to be published shortly as an RFC) and RFC 5480 for the uncompressed key info? #5) In the last paragraph in Section 7, please add an informative reference to RFC 4086 for random requirements when generating random values (we make everybody point to this RFC when it generates random #s). |
2011-01-30
|
03 | Sean Turner | [Ballot comment] #1) RFC 5091 indicates it's identity based encryption not identifier based encryption. #2) Section 2.1: E: equation is groves-eccsi is y^2 = x^3 … [Ballot comment] #1) RFC 5091 indicates it's identity based encryption not identifier based encryption. #2) Section 2.1: E: equation is groves-eccsi is y^2 = x^3 - 3 * B vice y^2 = x^3 - 3 * x. Can't we use the same notation? Also isn't (modulo p) missing? #3) Notation for ceiling is different than in groves-essci. There it is ceil() here it is Ceiling(). #3) In section 4, there are two references to P1363. Is there any chance we could change the reference for the integer-to-octet-string conversion in http://datatracker.ietf.org/doc/draft-mcgrew-fundamental-ecc/ (this one is about to be published shortly as an RFC) and RFC 5480 for the uncompressed key info? #4) In the last paragraph in Section 7, please add an informative reference to RFC 4086 for random requirements when generating random values (we make everybody point to this RFC when it generates random #s). |
2011-01-30
|
03 | Sean Turner | [Ballot discuss] This preliminary (and not yet sent to the authors). #1) Section 4: Has the following text: Points on E Elliptic Curve Points … [Ballot discuss] This preliminary (and not yet sent to the authors). #1) Section 4: Has the following text: Points on E Elliptic Curve Points MUST be represented in Uncompressed representation as defined in Section 5.5.6 of [P1363a]. For an elliptic curve point ( x , y ) with x and y in F_p, this representation is given by 0x00 || x' || y' , where x' is the octet string representing x, y' is the octet string representing y and 0x00 is a NULL octet. The representation is 2*L+1 octets in length. Please double check that it is in fact 0X00 || x' || y'. RFC 5480, SECG SEC1, and ANSI use 0x04 not 0x00 to indicate that the key is uncompressed. Also the P1363 draft I found on the web (I'm unsure whether it's final) says the following about uncompressed keys: In this representation, the octet PC shall have binary value 0000 0100 and the octet strings X and Y shall represent x' and y' respectively. #2) When specifying lg, specify the base log2, log10 etc. #3) Section 4, when defining integer the text is missing the text from groves-eccsi: There will be no need to represent negative integers. When transmitted or hashed, such octet strings MUST have length N = ceil(lg(p)/8). should it be added? #4) The introductory text in Appendix A needs to say that it uses SHA-256 and I think you need to add a reference to FIPS 186-3. |
2011-01-30
|
03 | Sean Turner | [Ballot comment] #1) RFC 5091 indicates it's identity based encryption not identifier based encryption. #2) Section 2.1: E: equation is groves-eccsi is y^2 = x^3 … [Ballot comment] #1) RFC 5091 indicates it's identity based encryption not identifier based encryption. #2) Section 2.1: E: equation is groves-eccsi is y^2 = x^3 - 3 * B vice y^2 = x^3 - 3 * x. Can't we use the same notation? Also isn't (modulo p) missing? |
2011-01-30
|
03 | Sean Turner | [Ballot discuss] This preliminary (and unsent to the authors). #1) Section 4: Has the following text: Points on E Elliptic Curve Points MUST be … [Ballot discuss] This preliminary (and unsent to the authors). #1) Section 4: Has the following text: Points on E Elliptic Curve Points MUST be represented in Uncompressed representation as defined in Section 5.5.6 of [P1363a]. For an elliptic curve point ( x , y ) with x and y in F_p, this representation is given by 0x00 || x' || y' , where x' is the octet string representing x, y' is the octet string representing y and 0x00 is a NULL octet. The representation is 2*L+1 octets in length. Please double check that it is in fact 0X00 || x' || y'. RFC 5480, SECG SEC1, and ANSI use 0x04 not 0x00 to indicate that the key is uncompressed. Also the P1363 draft I found on the web (I'm unsure whether it's final) says the following about uncompressed keys: In this representation, the octet PC shall have binary value 0000 0100 and the octet strings X and Y shall represent x' and y' respectively. |
2011-01-30
|
03 | Sean Turner | [Ballot Position Update] New position, Discuss, has been recorded |
2011-01-30
|
03 | Tim Polk | State changed to IESG Evaluation from Waiting for AD Go-Ahead. |
2011-01-30
|
03 | Tim Polk | [Ballot Position Update] New position, Yes, has been recorded for Tim Polk |
2011-01-30
|
03 | Tim Polk | Ballot has been issued |
2011-01-30
|
03 | Tim Polk | Created "Approve" ballot |
2011-01-30
|
03 | Tim Polk | Ballot writeup text changed |
2011-01-25
|
03 | Tim Polk | Placed on agenda for telechat - 2011-02-03 |
2011-01-18
|
03 | (System) | State changed to Waiting for AD Go-Ahead from In Last Call. |
2011-01-11
|
03 | Amanda Baber | IANA notes that this document does not contain a standard IANA Considerations section. After examining the draft, IANA understands that, upon approval of this document, … IANA notes that this document does not contain a standard IANA Considerations section. After examining the draft, IANA understands that, upon approval of this document, there are no IANA Actions that need completion. |
2011-01-04
|
03 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Derek Atkins |
2011-01-04
|
03 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Derek Atkins |
2010-12-21
|
03 | Amy Vezza | Last call sent |
2010-12-21
|
03 | Amy Vezza | State changed to In Last Call from Last Call Requested. The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce Reply-To: ietf@ietf.org … State changed to In Last Call from Last Call Requested. The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce Reply-To: ietf@ietf.org Subject: Last Call: (Sakai-Kasahara Key Establishment (SAKKE)) to Informational RFC The IESG has received a request from an individual submitter to consider the following document: - 'Sakai-Kasahara Key Establishment (SAKKE)' as an Informational RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2011-01-18. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. The file can be obtained via http://datatracker.ietf.org/doc/draft-groves-sakke/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-groves-sakke/ |
2010-12-21
|
03 | Tim Polk | Last Call was requested |
2010-12-21
|
03 | Tim Polk | State changed to Last Call Requested from Publication Requested. |
2010-12-21
|
03 | Tim Polk | Last Call text changed |
2010-12-21
|
03 | (System) | Ballot writeup text was added |
2010-12-21
|
03 | (System) | Last call text was added |
2010-12-21
|
03 | (System) | Ballot approval text was added |
2010-12-21
|
03 | Tim Polk | Intended Status has been changed to Informational from None |
2010-09-01
|
03 | Tim Polk | Area acronymn has been changed to sec from gen |
2010-09-01
|
03 | Tim Polk | Note field has been cleared by Tim Polk |
2010-09-01
|
03 | Tim Polk | Draft added in state Publication Requested by Tim Polk |
2010-06-29
|
00 | (System) | New version available: draft-groves-sakke-00.txt |