"Housley, Russ" <rhousley(_at_)rsasecurity(_dot_)com> writes:
The minutes from the S/MIME WG session at the IETF meeting last December
include the following:
The first issue dealt with the problem of wrapping an HMAC key with a
Triple-DES, RC2 or AES key. Currently, one password-based key management
includes a defined method for this operation. A new draft is to be
prepared to define a mechanism.
I pointed out when the meeting minutes were posted to the list that this was
unnecessary because it's already provided for in PWRI. I also pointed out that
I'd been wrapping HMAC keys using 3DES for several years using the PWRI wrap
mechanism. PWRI defines a universal wrap mechanism which will wrap any key in
any other key, which eliminates the need for creating further special-case
RFCs. A single implementation of PWRI will wrap anything in anything else, so
you don't have to keep rewriting your code every time a new key wrap RFC
appears.
Peter.