

Subject: Re: [pkcs11] Groups - TLS 1.2 mechanisms uploaded


Bob,

I read the Working Draft 02 (dated 5 July 2013) of your proposal for
TLS 1.2 mechanisms. Here are my review comments.

1. It is a simple extension of the four current CKM_TLS_xxx
mechanisms, so I am confident that they can be implemented.
(CKM_TLS_PRE_MASTER_KEY_GEN does not need to be extended for TLS 1.2
because it doesn't depend on the TLS PRF.)

2. You use a CK_MECHANISM_TYPE field to specify the hash function for
the TLS P_hash function (a component of the TLS PRF). A theoretical
problem is that a hash function may have parameters, so it would be
more general to use a CK_MECHANISM structure to specify the hash
function. Of course, this could be overkill in practice.

Nit: I recommend adding the CK_MECHANISM_TYPE field to the beginning
of the various mechanism parameter structures.

3. Remove the "CK_BBOOL bIsExport" field. The export cipher suites
have been removed in TLS 1.1.

The rest are corrections of typographical errors.

4. In the first paragraph of section 1.1, "TLS mechanism" should be
changed to "TLS mechanisms" (plural) or perhaps "TLS 1.0 and 1.1
mechanisms".

5. In the first paragraph of section 1.1, the last sentence is
incorrect and should be removed:

    Specifiying CKM_SHA1 for the hash will produce the same results as
    the standard TLS mechanism.

In TLS 1.0 and 1.1, an XOR of P_MD5 and P_SHA-1 is used to form the PRF.

Note: Spelling error: "Specifiying" => "Specifying"

6. In the table in section 1.1, the "Derive" function should be
checked for the CKM_TLS_PRF mechanism.

7. In section 1.1.1, the second occurrence of
"CKM_TLS12_MASTER_KEY_DERIVE" should be
"CKM_TLS12_MASTER_KEY_DERIVE_DH".

8. Search for "_TLS_" globally in your document. Many of the
occurrences should be changed to "_TLS12_".

Wan-Teh Chang

