pkcs11 message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Groups - TLS 1.2 mechanisms uploaded
- From: Robert Relyea<rrelyea@redhat.com>
- To: pkcs11@lists.oasis-open.org
- Date: Wed, 31 Jul 2013 17:41:14 -0700 (PDT)
Submitter's message
Please comment on the following areas specifically before we propose this for a ballot:
Mechanism and PARAM names: I changed TLS-> TLS12, but that may not be the best as the mechanism are likely to apply to future versions of TLS as well. Names with _WITH_HASH seemed a little unwieldy, but I wouldn't object to them.
Whether or not I should add the hash text to each mechanism description instead if just in the beginning, PRF and in the PARAM description.
The hash parameter is a CKM_MECHANISM_TYPE hash; with no descriptive prefix (a la ulHash for instance). I did this because I could not find any other examples of a CKM_MECHANISM_TYPE parameter other then in the CKM_MECHANISM structure (where it is devoid of a descriptive prefix as well). I'm will to add one if everyone is agreed. mHash or ulHash may be better.
bob
-- Mr. Robert Relyea
Document Name: TLS 1.2 mechanisms
Description
This adds the new mechanism needed to support TLS 1.2.
TLS 1.2 is basically the same as TLS 1.0 and TLS 1.1 except that in TLS 1.2
the underlying hash used for the PRF can be negotiated as part of the
protocol. This proposal adds a mechanism the parameters for the TLS
mechanism to select the desired hash. A hash of CKM_SHA1 would produce the
same results as the existing TLS mechanism.
Download Latest Revision
Public Download Link
Submitter: Mr. Robert Relyea
Group: OASIS PKCS 11 TC
Folder: Documents
Date submitted: 2013-07-31 17:41:06
|
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]