ietf-smime
[Top] [All Lists]

Re: I-D ACTION:draft-ietf-smime-hmac-key-wrap-00.txt

2002-02-08 11:11:53

"Housley, Russ" <rhousley(_at_)rsasecurity(_dot_)com> writes:

The minutes from the S/MIME WG session at the IETF meeting last December
include the following:

   The first issue dealt with the problem of wrapping an HMAC key with a
   Triple-DES, RC2 or AES key.  Currently, one password-based key management
   includes a defined method for this operation.  A new draft is to be
   prepared to define a mechanism.

I pointed out when the meeting minutes were posted to the list that this was
unnecessary because it's already provided for in PWRI.  I also pointed out that
I'd been wrapping HMAC keys using 3DES for several years using the PWRI wrap
mechanism.  PWRI defines a universal wrap mechanism which will wrap any key in
any other key, which eliminates the need for creating further special-case
RFCs.  A single implementation of PWRI will wrap anything in anything else, so
you don't have to keep rewriting your code every time a new key wrap RFC
appears.

Peter.