[Top] [All Lists]


2008-03-17 13:48:17
  I have been selected as the General Area Review Team (Gen-ART)
reviewer for this draft (for background on Gen-ART, please see ).

Please resolve these comments along with any other Last Call comments
you may receive.

Document: Specification for the Derivation of Root Keys from an Extended 
Master Session Key (EMSK)
Reviewer: Joel M. Halpern       
Review Date: 17-March-2008
IETF LC End Date: 17-March-2008?
IESG Telechat date: N/A

Summary: This document appears ready for publication.

        While there has been much discussion on the IETF list of the references 
to "applications" in this document, I have chosen not to comment on 
that.  It seems to me that the relevant statement is that specific 
usages are out of scope for this document.
        The one thing that bothers me a little is the intended status of this 
document.  Given that the EMSK is entirely inside a system, and that 
therefore the actual generation process is internal to that system, I am 
not sure that a registry tied to the specifics of the generation 
mechanism, is appropriate.  A lot of this document is of the form "if 
you don't define it some other way, do this."  While very useful text, 
it actually doesn't seem to affect on-the-wire interoperability.  So I 
wonder if this whole document is more informational than "proposed 
standard?"  I'm not sure on this, but the containment property did 
strike me reading the document.

    While I would guess that the usage is actually the normal usage, the 
definitions of Usage Specific Root Key, Domain Specific Root Key and Key 
Management Domain are somewhat confusing for the outside reader. 
Specifically, the Key Management Domain is defined as being the scope of 
a given root key.  This leads the reader to conclude that any root key 
is inherently domain specific, because it defines a domain.  So how can 
one have a special kind of "Domain Specific Root Key" that is 
"restricted to use in a specific key management domain."  At a guess it 
is the difference between a domain defined by the key and a key defined 
to fit an existing domain.  But I hate guessing when it comes to RFCs. 
Given that the document later defines the domain for DSRK in terms of 
domain names, "adding "separately defined" or even "defined by a domain 
name" to the DSRK definition would address this.

    The last of the requirements (about separation of domain keys and 
usage keys and avoiding label collision) requires material later in the 
document in order to be understood.  A forward reference would be a good 
idea, indicating where the domain name and usage key label are described.

IETF mailing list

<Prev in Thread] Current Thread [Next in Thread>