pgut001(_at_)cs(_dot_)aucKland(_dot_)ac(_dot_)nz (Peter Gutmann) writes:
The key wrap algorithms defined in [3DES-WRAP] and [AES-WRAP] cover the of
wrapping a Triple-DES key with another Triple-DES key and wrapping an AES key
with another AES key, respectively. This document specifies two similar
mechanisms. One specifies the mechanism for wrapping an HMAC key with a
Triple-DES key, and the other specifies the mechanism for wrapping an HMAC
key
with an AES key.
Given that RFC 3211 specifies a universal algorithm for wrapping any key in
any
other key, is there any need to create special-case x-in-y wrap RFCs of this
kind? This draft seems entirely superfluous, since a standards-track RFC
containing an algorithm which does what's in the draft already exists.
I must admit, I've got the same question. If the argument is that
3211 is somehow inadequate, it seems to me that the fix would be to
design an adequate mechanism, not to write a separate draft for each
encryption algorithm/key pair.
-Ekr
--
[Eric Rescorla ekr(_at_)rtfm(_dot_)com]
http://www.rtfm.com/