[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [oasis-charter-discuss] EKMI
It was suggested that some people might be misled by the use of certain language. "Some might be misled into thinking that 3DES/AES keys are being provisioned by the Provisioning System for general use by business applications, " I pointed out that standards are not tutorials. So the fact that people who are unfamiliar with the standard terminology of the field might misinterpret the charter is not relevant. I suggest that you modulate your own tone and retract your accusations immediately. > -----Original Message----- > From: John Messing [mailto:jmessing@law-on-line.com] > Sent: Sunday, November 19, 2006 8:43 AM > To: Hallam-Baker, Phillip > Cc: oasis-charter-discuss@lists.oasis-open.org; > ietf-keyprov@safehaus.org; June Leung; Terwilliger,Ann; Davi > Ottenheimer; ken@adler.net; Arshad Noor > Subject: RE: [oasis-charter-discuss] EKMI > > All: > > I personally dislike bullies, whether street thugs or the > intellectually effete. Please modulate your tone and comments > accordingly. > > Thank you. > > > > -------- Original Message -------- > > Subject: RE: [oasis-charter-discuss] EKMI > > From: "Hallam-Baker, Phillip" <pbaker@verisign.com> > > Date: Sat, November 18, 2006 8:03 pm > > To: "Arshad Noor" <arshad.noor@strongauth.com> > > Cc: <oasis-charter-discuss@lists.oasis-open.org>, > > <ietf-keyprov@safehaus.org>, "June Leung" > <June.Leung@FundServ.com>, > > "Terwilliger, Ann" <aterwil@visa.com>, "John Messing" > > <jmessing@law-on-line.com>, "Davi Ottenheimer" <davi@poetry.org>, > > <ken@adler.net> > > > > > From: Arshad Noor [mailto:arshad.noor@strongauth.com] > > > > > The confusion between the WG and TC charters arises > because of the > > > industry's (sometimes misguided) notion for referring to > the "shared > > > secrets" of authentication credentials as "symmetric > keys" - which > > > is similar to the term used by cryptographers when referring to > > > encryption/decryption keys used with symmetric ciphers. > > > > The use of the term symmetric key to refer to a MAC key is > the accepted term in the field. > > > > There are several proposed MAC modes for AES and there are > several composite encryption/authentication modes for block ciphers. > > > > > > > In addition, the use of such algorithms (3DES, AES) and > > > symmetric- encryption keys by the KEYPROV protocols to > protect the > > > "shared credential secret" during provisioning, adds to the > > > confusion. > > > Some might be misled into thinking that 3DES/AES keys are being > > > provisioned by the Provisioning System for general use by > business > > > applications, as opposed to the use of those symmetric encryption > > > keys by the Provisioning System and the Credential Container for > > > securely transporting the credential-secret between the two. > > > > Such misperceptions are not a concern. It is not our job to > give people tutorials in network protocol design. > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]