OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pkcs11 message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Groups - PKCS11_HSS_SPEC.docx uploaded

Submitter's message
Hi all,

I have uploaded my latest version of the HSS spec with the modifications discussed at the face-to-face meeting.

I?ve made the proposed changes obvious by making them red and striking out removed text; if they are approved I will finalize the modifications.

- I added a reference to NIST Special Publication 800-208.

- As discussed in the meeting, ECC does ?crack the params? into ASN, however PKCS in general prefers not to, so I have left the levels, lm_type, and lm_ots_type, as byte values in the specifiedParams struct (1.1.2), however I added a typedef CK_BYTE CK_HSS_LEVELS to match the CK_LMS_TYPE and CK_LMOTS_TYPE typedefs.

- I removed the parameters from the CKA_VALUE in the public (1.1.2) and private (1.1.3) key template since they were just duplicating what already exists in CKA_HSS_PARAMS, and in general other sections of the spec don?t seem to do this. (I originally included them in the CKA_VALUE because implementation I was using as a guide (https://github.com/cisco/hash-sigs) concatenates the parameters (in two different formats!) with the public/private key values in the output of hss_generate_private_key.) I added to the CKA_VALUE of the private key the note that the private key value must not be exported in order to protect the private key.

- I added the CKA_NEVER_EXTRACTABLE attribute, set to true, to the private key template (1.1.3), but perhaps this should just be the CKA_EXTRACTABLE attribute, set to false?

- I also completely removed the specification of the contents of CKA_VALUE for the private key object (1.1.3) and said that it was vendor defined. It was suggested at the face to face meeting that since the private key was not extractable this section could be removed completely. If we do this, where should we add the warning in the text that the private key must not be exported?

- I added the N24 and SHAKE range of parameters to Tables 3 and 4 for CK_LMOTS_TYPE and CK_LMS_TYPE.

- In 1.1.4 and 1.1.5, I added that the unused parameters ulMinKeySize and ulMaxKeySize must be set to 0.


Sincerely,
Michelle

-- Dr. Michelle Brochmann
Document Name: PKCS11_HSS_SPEC.docx
Description
Draft of the HSS section for the upcoming PKCS 11 specification.
Download Latest Revision
Public Download Link
Submitter: Dr. Michelle Brochmann
Group: OASIS PKCS 11 TC
Folder: Working Drafts
Date submitted: 2020-03-15 13:09:50
Revision: 2

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]