

Subject: Re: [kmip] Consistency in Terms and Order in Key Format Section of KMIP Specification


Judy,

Comments in line...

spt

Furlong_Judith@emc.com wrote:
> When I was writing up the new section for the KMIP Usage Guide I
> reviewed the key format definitions in the KMIP Specification (see
> section 2.1.7).  I noticed that we are using different terminology when
> describing DSA (section 2.1.7.2/3) keys and DH (section 2.7.1.6/7) and
> that the order of parameters is slightly different between the two
> sections.  Given that the same key could be used in both of these
> algorithms it may make some sense to make these two sections consistent
> with one another.
> 
> Here is a summary of the discrepancies between the two sections....
> 
> *	In sections 2.1.7.2/3 in the text below the tables we refer to Q
> as the prime divisor while in sections 2.1.7.6/7 in the text below the
> tables we refer to Q as the prime factor.  We should standardize upon
> one term either divisor or factor and use it in both sections.

From 186-3:

Section 2

q 1. For DSA, one of the DSA domain parameters; a prime factor
      of p – 1.
   2. For RSA, a prime factor of the modulus n.

Q An ECDSA public key.

Section 4 (DSA)

q a prime divisor of (p-1)

So I think you can pick your poison.  Personally, I don't care which it is.

> *	In sections 2.1.7.6/7 in the text below the tables please change
> 'P is the prime, ...' to 'P is the prime modulus,...' to make these
> sections consistent with section 2.1.7.2/3 

See above.

> *	In Table 10 the order of key components is P, Q, G, X while in
> Table 14 the order of key components is P, G, Q, J, X -- I would
> recommend that we change the order in Table 14 to P, Q, G, J, X and the
> text below Table 14 should be reordered in the same manner.

DSA has three parameters p, q, and g.  The DSA private key is referred 
to as x as per FIPS 186-3 and the DSA public key is referred to as y in 
FIPS 186-3.

What's J?  I couldn't find it.


> *	In Table 11 the order of key components is P, Q, G, Y while in
> Table 15 the order of key components is P, G, Q, J, X -- I would
> recommend that we change the order in Table 15 to P, Q, G, J, Y and the
> text below Table 14 should be reordered in the same manner.

See above.

> Also one other comment on Section 2.1.7.11 (ECDH Public Key) -- in the
> text below the table we have a reference to FIPS 186-3 -- Given that
> this document does not describe ECDH I'd suggest removing the text in
> parentheses.

Should we point to NIST SP 800-57-1 instead?

> Judy
> 
> Judith Furlong | Principal Product Manager | EMC Product Security Office
> | RSA -The Security Division of EMC | t: 508 249 3698 | e:
> Furlong_Judith@emc.com 

