I have just started an implemenation for AutenticatedData and have the
1. Should we specify a suggested size for the randomly generated secret
to be used for HMAC-SHA1? (The size for HMAC-3DES is fixed at the size
of a 3DES key.)
2. What key wrap algorithm should I use for wrapping the secret for an
HMAC-SHA1 secret? I can see myself generating a 512 bit secret for the
MAC operation, now I need to wrap it in a 3DES, RC2 or AES key. What is
the proper way of doing this?
3. Does the answer for 2 imply that we want the lengths for 1 to be the
length of a defined content encrytion algorithm key?