[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: PKCS#11 review comments for base spec 3.0 WD05 and curr 3.0 WD06
Hi, Here are my latest round of review comments. Most of them are focused on areas impacted by my proposals, but I did review some other areas of the specs as well. My comments for the base spec comments are embedded in the attached word
document as word comments (sorry for attaching the binary). My comments for the current mechanism are listed below on a line-by-line basis. Comments for pkcs11-curr-v3.0-wd06.docx: EC_KeyGen_w_Extra_Bits proposal does not appear to be in wd06. Normative and Non-Normative References I’m not sure which section these should go in, but the follow references need to be added. - RFC 8032, RFC 7748 from the “Additional ECC Curves” proposal - [BRAINPOOL] and [LEGIFRANCE} from the “Additional ECC Curves” proposal - SP800-108 [RFC 8032] Aboba et al, “Edwards-Curve Digital Signature Algorithm (EdDSA)”, IETF RFC 8032, January 2017.
[RFC 7748] Aboba et al, “Elliptic Curves for Security”, IETF RFC 7748, January 2016.
[FIPS SP 800-108] NIST. Special Publication 800-108 (Revised):
Recommendation for Key Derivation Using Pseudorandom Functions, October 2009.
Lines 3426-3427 This opening paragraph for section 2.3 Elliptic Curve was replace by two new paragraphs in “Additional ECC Curves” proposal. Line 3429 Table 28 is missing CKM_EDDSA from “Additional ECC Curves” proposal. Line 3431 Table 29, should it have a header for each column? The description for CKF_EC_OID should use “OID” instead of “oId”, to be consistent with other OID references. Line 3443, 3446 The text should use “OID” instead of “oId”, to be consistent with other OID references. Lines 3470-3485 This section was updated with an additional paragraph to explain EdDSA signature lengths. Lines 3534-3537 This paragraph needs tweaks. It should be the following. This allows detailed specification of all required values using choice
ecParameters, the use of a OID as an object identifier substitute for a particular set of elliptic curve domain parameters, or
implicitlyCA to indicate that the domain parameters are explicitly defined elsewhere, or
curveName to specify a curve name as e.g. define in [ANSI X9.62], [BRAINPOOL], [SEC 2], [LEGIFRANCE]. The use of a
OID or a curveName is recommended over the choice ecParameters. The choice
implicitlyCA must not be used in Cryptoki. Lines 3568-3571 This paragraph is the same as Lines 3534-3537. It should be replaced with the same update. Line 3612 This should be RFC 8032, not 7748. Line 3644 This should be RFC 8032, not 7748. Line 3843 This should be RFC 8032, not 7748. Lines 3847 and 3850 There are two sections (2.3.15 and 2.3.16) for XEdDSA. Is that intentional? Section 2.3.17 is also XEDDSA specific. I would expect 2.3.17 to be merged in to what is currently called 2.3.18 which contains all the
other EC related mechanism parameters. I think what is currently 2.3.15 is already in table 28 at the beginning of section 2.3. I think 2.3.16 should be left as-is as its own sub section in 2.3. Line 3852 This line has a reference to [XEDDSA], is that reference added to the Normative/Non-Normative sections? I didn’t see it, but may have missed it. Lines 3898-3901 The alignment for this table is off. Lines 3959-3990 This section about ECDH2 is to be removed. There are currently no mechanisms that reference it. Line 7892 The table numbers in this entire section (2.34 SP 800-108 Key Derivation) look wrong. Some are repeated (ie 34) and the table number resets to “4” at some point. Line 3644 Same comment, RFC 8032 Lines 7961-7963 Are these supposed to be “Arial 10”? Line 7988 ulWidthInBits is not aligned with the other parameters. Lines 7994-7997 Are these supposed to be “Arial 10”? Line 8012 ulWidthInBits is not aligned with the other parameters. Lines 8018-8022 Are these supposed to be “Arial 10”? Lines 8046-8048 A different font/size is used here compared to surrounding text Lines 8044-8051 The structure variables are not aligned. Lines 8073-8082 A mix of font/size is used and the variables are not aligned. Lines 8124 In table 5, the first column on the second row uses “CK_SP800_108_COUNTER”, but it should read “CKM_SP800_108_OPTIONAL_COUNTER”, as it is an optional parameter. Lines 8136 In table 6, the first column on the second row uses “CK_SP800_108_COUNTER”, but it should read “CKM_SP800_108_OPTIONAL_COUNTER”, as it is an optional parameter. Lines 8164-8167 This paragraph can be removed as it is basically repeated two paragraphs above. This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited. E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender. Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus. |
Attachment:
pkcs11-base-v3.0-wd05 - dj_comments.docx
Description: pkcs11-base-v3.0-wd05 - dj_comments.docx
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]