OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pkcs11 message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: References

Continuing Dr. Markowitz’s references theme. Currently section 2.3.16 of the current mechanism documents references [FIPS SP800-56A] section 5.8.1.1 for the definition of CKD_HASH_KDF_SP800.

  • The current revision of SP800-56a does not have a section 5.8.1.1. Presumably, this reference is to a prior revision, but since the revision isn’t specified it’s hard to tell. If it’s a reference to revision 2, then it is ambiguous as it doesn’t specify the relationship of “OtherInfo” to the derive parameters struct.
  • A couple of nits:
    • NIST SP800-56a Rev. 3 is not a FIPS document, it’s a NIST Special Publication.
    • The footnote says “1 The encoding in V2.20 was not specified and resulted in different implementations choosing different encodings. Applications relying only on a V2.20 encoding (e.g. the DER variant) other than the one specified now (raw) may not work with all V2.30 compliant tokens”. It should include 2.4, 3.0, and future versions instead of just V2.30.

 

Just to be clear, this is a comment intended for the v3.1 pkcs11 effort.

 

Sincerely,

Jonathan

 

Jonathan Schulze-Hewett

Director of Development

Information Security Corp

708-445-1704 (o) | 708-822-2926 (m)

schulze-hewett@infoseccorp.com

 

Attachment: smime.p7s
Description: S/MIME cryptographic signature

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]