Last Call Review of draft-ietf-keyprov-symmetrickeyformat-
review-ietf-keyprov-symmetrickeyformat-secdir-lc-salowey-2010-04-27-00
| Request | Review of | draft-ietf-keyprov-symmetrickeyformat |
|---|---|---|
| Requested revision | No specific revision (document currently at 11) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2010-05-04 | |
| Requested | 2010-04-15 | |
| Authors | Sean Turner , Russ Housley | |
| I-D last updated | 2010-04-27 | |
| Completed reviews |
Secdir Last Call review of -??
by Joseph A. Salowey
|
|
| Assignment | Reviewer | Joseph A. Salowey |
| State | Completed | |
| Request | Last Call review on draft-ietf-keyprov-symmetrickeyformat by Security Area Directorate Assigned | |
| Completed | 2010-04-27 |
review-ietf-keyprov-symmetrickeyformat-secdir-lc-salowey-2010-04-27-00
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The document defines an ASN.1 container for symmetric keys. This seems useful. For the most part the document is clear. I have the following comments (I also copied the authors of draft-ietf-keyprov-pskc-05 since some of the comments may more pertain to that document). 1. Is the sKey value encrypted or clear text? 2. Section 3.2.12 Value MAC I was not clear to me how this MAC was calculated. What exactly does it cover? I assume it is the octet string in the sKey field in the OneSymmetricKey sequence. Does it include the ASN.1 encoding or not. 3. Why is section 4 necessary in draft-ietf-keyprov-symmetrickeyformat-07 and not in http://tools.ietf.org/html/draft-ietf-keyprov-pskc-05 ? Thanks, Joe