On Tue, Aug 30, 2011 at 11:04 AM, Novikov, Lev <[email protected]> wrote: > Kevin, > > On 2011-08-26 16:34, Lev Novikov wrote: >> 2. Traditional data-in-transit and -at-reset case (cf. PKCS#11) > > On 2011-08-26 18:25, Kevin Wall wrote: >> I presume that you meant 'at-rest' rather than 'at-reset' here? > > Yes. Hopefully we're not resetting the data when we store it.
Yes; that would be bad. ;-) > On 2011-08-26 18:25, Kevin Wall wrote: >> What are your assumptions about crypto keys? Are you assuming that >> 2 parties have already met and shared keys (probably out of band)? >> If not, then I could see maybe use cases involving secure key >> exchange. However, I suspect that is considered out of scope. > > I don't think the model should assume that keys were pre-shared. For > example, CICM currently supports negotiating an asymmetric key which > results in an ephemeral symmetric key. > > See: http://tools.ietf.org/html/draft-lanz-cicm-cm-01#section-8 > > Therefore, adding a use case for a secure key exchange seems > reasonable (assuming I understood your proposed case correctly). I didn't realize that CICM supported key negotiation, but if it does, I agree that there should be a use case for secure key exchange to describe it. -kevin -- Blog: http://off-the-wall-security.blogspot.com/ "The most likely way for the world to be destroyed, most experts agree, is by accident. That's where we come in; we're computer professionals. We *cause* accidents." -- Nathaniel Borenstein _______________________________________________ cicm mailing list [email protected] https://www.ietf.org/mailman/listinfo/cicm
