Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

Use of the RSA-KEM Key Transport Algorithm in the Cryptographic Message Syntax (CMS)
draft-ietf-smime-cms-rsa-kem-13

Discuss

(Pasi Eronen)

Yes

(Cullen Jennings)

(Tim Polk)

No Objection

(Adrian Farrel)

(Alexey Melnikov)

(Dan Romascanu)

(Lars Eggert)

(Lisa Dusseault)

(Magnus Westerlund)

(Peter Saint-Andre)

(Ralph Droms)

(Robert Sparks)

(Ron Bonica)

(Ross Callon)

(Russ Housley)

Recuse

(Sean Turner)

Note: This ballot was opened for revision 13 and is now closed.

Pasi Eronen Former IESG member

Discuss

Discuss [Treat as non-blocking comment] (2010-03-10) Unknown

I have reviewed draft-ietf-smime-cms-rsa-kem-12, and have couple of
small concern that I'd like to discuss before recommending approval of
the document:

- It looks like the ASN.1 is not fully aligned with 18033-2 and X9.44.
I might be misinterpreting this, but to me it looks like 18033-2 and
X9.44 would use OID "id-ac-generic-hybrid" (instead of id-rsa-kem) as
the "top-level OID", and id-kem-rsa would be found in
GenericHybridParameters.kem structure.

(The OID id-rsa-kem doesn't seem to occur in 18033-2/X9.44 at all?
And BTW, it's *very* confusing to have two different OIDs named
id-rsa-kem and id-kem-rsa.)

- Section 2.1, "KDF3 (see [IEEE-P1363a])": IEEE 1363a-2004 doesn't
have KDF3; it does, however, define KDF2. Should this be KDF2, or
should the reference point to X9.44?

- It looks like ANS-9.44 needs to be normative references, since you
need the KDF to implement this.

Cullen Jennings Former IESG member

Yes

Yes (2010-03-10) Unknown

Thanks for the examples in the back. I know they helped at least one implementor.

Tim Polk Former IESG member

Yes

Yes () Unknown

Adrian Farrel Former IESG member

No Objection

No Objection () Unknown

Alexey Melnikov Former IESG member

No Objection

No Objection () Unknown

Dan Romascanu Former IESG member

No Objection

No Objection () Unknown

Lars Eggert Former IESG member

(was Discuss) No Objection

No Objection () Unknown

Lisa Dusseault Former IESG member

No Objection

No Objection () Unknown

Magnus Westerlund Former IESG member

No Objection

No Objection () Unknown

Peter Saint-Andre Former IESG member

No Objection

No Objection (2010-06-08) Unknown

1. In Section 1, the text "specified the of different object identifier" is missing a word (I assume "use" between "the" and "of").

2. In Section 2.4, this text is potentially confusing:

   The intended application for the key MAY be indicated in the key
   usage certificate extension (see [PROFILE], Section 4.2.1.3). If the
   keyUsage extension is present in a certificate that conveys an RSA
   public key with the id-rsa-kem object identifier as discussed above,
   then the key usage extension MUST contain the following value:

       keyEncipherment.

Is the indented text meant to be "keyEncipherment" (without the period) instead of "keyEncipherment." (with the period)?

Ralph Droms Former IESG member

No Objection

No Objection () Unknown

Robert Sparks Former IESG member

No Objection

No Objection () Unknown

Ron Bonica Former IESG member

No Objection

No Objection () Unknown

Ross Callon Former IESG member

No Objection

No Objection () Unknown

Russ Housley Former IESG member

(was Discuss, Yes, Discuss) No Objection

No Objection (2010-03-09) Unknown

Sean Turner Former IESG member

Recuse

Recuse () Unknown

Use of the RSA-KEM Key Transport Algorithm in the Cryptographic Message Syntax (CMS) draft-ietf-smime-cms-rsa-kem-13

Use of the RSA-KEM Key Transport Algorithm in the Cryptographic Message Syntax (CMS)
draft-ietf-smime-cms-rsa-kem-13