ietf-smime
[Top] [All Lists]

Re: I-D ACTION:draft-ietf-smime-hmac-key-wrap-00.txt

2002-02-08 10:20:03

Peter:

The minutes from the S/MIME WG session at the IETF meeting last December include the following:

   The first issue dealt with the problem of wrapping an HMAC key with a
   Triple-DES, RC2 or AES key.  Currently, one password-based key management
   includes a defined method for this operation.  A new draft is to be
   prepared to define a mechanism.

Clearly, the people at the meeting felt that the key wrap algorithm in RFC 3211 was intended for used with password-derived KEKs.

Russ


At 05:07 PM 2/8/2002 +1300, Peter Gutmann wrote:

>The key wrap algorithms defined in [3DES-WRAP] and [AES-WRAP] cover the of
>wrapping a Triple-DES key with another Triple-DES key and wrapping an AES key
>with another AES key, respectively.  This document specifies two similar
>mechanisms.  One specifies the mechanism for wrapping an HMAC key with a
>Triple-DES key, and the other specifies the mechanism for wrapping an HMAC key
>with an AES key.

Given that RFC 3211 specifies a universal algorithm for wrapping any key in any
other key, is there any need to create special-case x-in-y wrap RFCs of this
kind?  This draft seems entirely superfluous, since a standards-track RFC
containing an algorithm which does what's in the draft already exists.

Peter.