Telechat Review of draft-ietf-karp-crypto-key-table-08
review-ietf-karp-crypto-key-table-08-secdir-telechat-wierenga-2013-08-08-00
| Request | Review of | draft-ietf-karp-crypto-key-table |
|---|---|---|
| Requested revision | No specific revision (document currently at 10) | |
| Type | Telechat Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2013-08-13 | |
| Requested | 2013-08-02 | |
| Authors | Tim Polk, Russ Housley, Sam Hartman, Dacheng Zhang | |
| Draft last updated | 2013-08-08 | |
| Completed reviews | Genart Last Call review of -07 by David L. Black; Genart Telechat review of -08 by David L. Black; Secdir Telechat review of -08 by Klaas Wierenga; Secdir Last Call review of -07 by Klaas Wierenga | |
| Assignment | Reviewer | Klaas Wierenga |
| State | Completed | |
| Review | review-ietf-karp-crypto-key-table-08-secdir-telechat-wierenga-2013-08-08 | |
| Reviewed revision | 08 (document currently at 10) | |
| Result | Has Nits | |
| Completed | 2013-08-08 |
Hi,
After having reviewed version 07, I have only one (minor) nit for version 8,
you write:
   KDF: A key derivation function is a one-way function that provides
   cryptographic separation of key material. The KDF MAY use
   inputs from the row in the key table and the message being sent
   or received but MUST NOT depend on other configuration state.
I wonder whether that definition is correct. I have always considered
forwarding secrecy a desirable but not necessary property for KDFs. For
example, the key may not have the necessary properties, so a transformation may
be needed (could be as simple as padding until a certain length). But if you
can point me to a definition that includes one-way, I stand corrected.
Klaas