As promised on the call yesterday, here's some proposed revision to Section 4.7.2:
OLD: """ Note: The Diffie-Hellman Key Agreement Method [RFC2631] uses a key derivation function similar to the Concat KDF, but with fewer parameters. Rather than having separate PartyUInfo and PartyVInfo parameters, it uses a single PartyAInfo parameter, which is a random string provided by the sender, that contains 512 bits of information, when provided. It has no SuppPrivInfo parameter. Should it be appropriate for the application, key agreement can be performed in a manner akin to RFC 2631 by using the PartyAInfo value as the "apu" (Agreement PartyUInfo) header parameter value, when provided, and by using no "apv" (Agreement PartyVInfo) header parameter. """ NEW: """ Applications must specify what values should be populated in the "apu" and "apv" parameters. Applications wishing to conform to [NIST.800-56A] need to provide values that meet the requirements of that document, e.g., by choosing values that identify the sender and recipient. Otherwise, it is RECOMMENDED that applications conduct key derivation in a manner similar to [RFC2631]: The "apu" field should be set to a random 512-bit value (analogous to PartyAInfo in [RFC2631]) and the "apv" field should be left empty. """ On Sun, Aug 11, 2013 at 6:56 PM, jose issue tracker < [email protected]> wrote: > #55: Mandatory entropy in ECC KDF inputs > > At the interim, there was agreement to require at least 512 bits of > entropy in the "apu" field, in order to ensure sufficient entropy in the > resulting key. That requirement has been lost in a subsequent revision. > > -- > -------------------------+------------------------------------------------- > Reporter: [email protected] | Owner: draft-ietf-jose-json-web- > Type: defect | [email protected] > Priority: major | Status: new > Component: json-web- | Milestone: > algorithms | Version: > Severity: - | Keywords: > -------------------------+------------------------------------------------- > > Ticket URL: <http://trac.tools.ietf.org/wg/jose/trac/ticket/55> > jose <http://tools.ietf.org/jose/> > >
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
