[Top] [All Lists]

RE: Questions on AuthenticatedData

2001-10-07 22:01:04


Can you give a few places where this is the convention?  It seems
counter to what would be intuitive looking at the Microsoft APIs.  This
does not mean that you are not correct, I was just wondering.


-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org 
[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Peter 
Sent: Sunday, October 07, 2001 6:45 PM
To: ietf-smime(_at_)imc(_dot_)org; jimsch(_at_)exmsft(_dot_)com
Subject: Re: Questions on AuthenticatedData

"Jim Schaad" <jimsch(_at_)nwlink(_dot_)com> writes:

1.  Should we specify a suggested size for the randomly 
generated secret to be
used for HMAC-SHA1?  (The size for HMAC-3DES is fixed at the 
size of a 3DES

The convention seems to be to use a 160-bit value (even if 
the spec says that
algorithms with variable-length keys use a 128-bit key and 
you use that and
then spend half a day trying to figure out why your MACs are 
failing when all
the other side tells you is "Bad MAC").


<Prev in Thread] Current Thread [Next in Thread>