Last Call Review of draft-ietf-keyprov-symmetrickeyformat-

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

The document defines an ASN.1 container for symmetric keys. This seems
useful. For the most part the document is clear. I have the following
comments (I also copied the authors of draft-ietf-keyprov-pskc-05 since
some of the comments may pertain more to that document).

1. Is the sKey value encrypted or clear text?
2. Section 3.2.12 Value MAC
It was not clear to me how this MAC was calculated. What exactly does it
cover? I assume it is the octet string in the sKey field in the
OneSymmetricKey sequence. Does it include the ASN.1 encoding or not?
3. Why is section 4 necessary in
draft-ietf-keyprov-symmetrickeyformat-07 and not in