On Sun, 27 Aug 2023, at 18:16, Heikki Vatiainen wrote: > RFC 7170 and the current draft have diverged in how IMSK is calculated. > > In short: > 1. RFC 7170 pass EMSK to TLS-PRF whereas the draft passes both EMSK and MSK > to TLS-PRF. > 2. While RFC 7170 adjusts only MSK to 32 octet length, the draft adjusts > both EMSK and MSK. > > See section 5.2 "Intermediate Compound Key Derivations" in the diff for > the > current changes: > https://author-tools.ietf.org/diff?doc_1=RFC7170&doc_2=draft-ietf-emu-rfc7170bis-13%2F > > I've created a pull request with more details about which two commits have > lead to this change and my suggested fix. > > https://github.com/emu-wg/rfc7170bis/pull/27 > > Alex, please comment. I've discussed this with a colleague and we think the > current draft would break compatibility with the existing implementations.
Your change describes what I implemented for FreeRADIUS. The previous text was wrong. I agree with your amendment. Great catch, the other crucial goal of 7170bis was to clear up all the crypto greyness Journi flagged through all those errata queries. Thanks! _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
