OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

oasis-charter-discuss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [oasis-charter-discuss] EKMI

> From: Arshad Noor [mailto:arshad.noor@strongauth.com] 

> The confusion between the WG and TC charters arises because 
> of the industry's (sometimes misguided) notion for referring 
> to the "shared secrets" of authentication credentials as 
> "symmetric keys" - which is similar to the term used by 
> cryptographers when referring to encryption/decryption keys 
> used with symmetric ciphers.

The use of the term symmetric key to refer to a MAC key is the accepted term in the field.

There are several proposed MAC modes for AES and there are several composite encryption/authentication modes for block ciphers.

> In addition, the use of such algorithms (3DES, AES) and 
> symmetric- encryption keys by the KEYPROV protocols to 
> protect the "shared credential secret" during provisioning, 
> adds to the confusion.
> Some might be misled into thinking that 3DES/AES keys are 
> being provisioned by the Provisioning System for general use 
> by business applications, as opposed to the use of those 
> symmetric encryption keys by the Provisioning System and the 
> Credential Container for securely transporting the 
> credential-secret between the two.

Such misperceptions are not a concern. It is not our job to give people tutorials in network protocol design. 

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]