RE: [oasis-charter-discuss] EKMI

[John Messing <jmessing@law-on-line.com>]

All:

I personally dislike bullies, whether street thugs or the intellectually
effete. Please modulate your tone and comments accordingly.

Thank you.


> -------- Original Message --------
> Subject: RE: [oasis-charter-discuss] EKMI
> From: "Hallam-Baker, Phillip" <pbaker@verisign.com>
> Date: Sat, November 18, 2006 8:03 pm
> To: "Arshad Noor" <arshad.noor@strongauth.com>
> Cc: <oasis-charter-discuss@lists.oasis-open.org>,
> <ietf-keyprov@safehaus.org>, "June Leung" <June.Leung@FundServ.com>,
> "Terwilliger, Ann" <aterwil@visa.com>, "John Messing"
> <jmessing@law-on-line.com>, "Davi Ottenheimer" <davi@poetry.org>,
> <ken@adler.net>
> 
> > From: Arshad Noor [mailto:arshad.noor@strongauth.com] 
> 
> > The confusion between the WG and TC charters arises because 
> > of the industry's (sometimes misguided) notion for referring 
> > to the "shared secrets" of authentication credentials as 
> > "symmetric keys" - which is similar to the term used by 
> > cryptographers when referring to encryption/decryption keys 
> > used with symmetric ciphers.
> 
> The use of the term symmetric key to refer to a MAC key is the accepted term in the field.
> 
> There are several proposed MAC modes for AES and there are several composite encryption/authentication modes for block ciphers.
> 
> 
> > In addition, the use of such algorithms (3DES, AES) and 
> > symmetric- encryption keys by the KEYPROV protocols to 
> > protect the "shared credential secret" during provisioning, 
> > adds to the confusion.
> > Some might be misled into thinking that 3DES/AES keys are 
> > being provisioned by the Provisioning System for general use 
> > by business applications, as opposed to the use of those 
> > symmetric encryption keys by the Provisioning System and the 
> > Credential Container for securely transporting the 
> > credential-secret between the two.
> 
> Such misperceptions are not a concern. It is not our job to give people tutorials in network protocol design.