GOST 28147-89: Encryption, Decryption, and Message Authentication Code (MAC) Algorithms
RFC 5830

Note: This ballot was opened for revision 08 and is now closed.

Search Mailarchive

(Russ Housley) Yes

(Jari Arkko) (was Discuss) No Objection

Comment (2010-01-05)
This may need editorial clarification:

4.7. The keys defining fillings of KDS and the substitution
     box K tables are secret elements and are provided in accordance
     with the established procedure.

     The filling of the substitution box K is described in GOST 28147-89
     as a long-term key element common for a whole computer network.
     Usually K is used as a parameter of algorithm, some possible sets
     of K are described in [RFC4357].

Here KDS is clear -- its the key. But what about K, the substitution
box? Is it a missing part of this standard, a negotiated value between
two peers, or a part of a standard for some context (e.g., when using
this algorithm in S/MIME K = something specific)?

Which established procedure are you referring to? Regular key management
procedures? Some other procedures to obtain secretly defined additional
standards for K?

Perhaps this is just ambiguous words in the document. If so, it would
be great to see the text be clearer about how it expects K to be

(Ron Bonica) No Objection

(Lisa Dusseault) No Objection

(Pasi Eronen) No Objection

(Adrian Farrel) No Objection

(Cullen Jennings) No Objection

Alexey Melnikov No Objection

(Tim Polk) (was No Record, Discuss) No Objection

(Robert Sparks) No Objection

(Magnus Westerlund) No Objection