Re: [Last-Call] [lamps] [OPS-DIR] Opsdir last call review of draft-ietf-lamps-rfc5990bis-05

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Dhruv:

Thanks for taking my comments into consideration. Snipping directly to..

On Wed, Apr 24, 2024 at 11:17 PM Russ Housley <housley@xxxxxxxxxxxx> wrote:


- It is unusual to mention a draft name in the abstract. Perhaps change that to
RFC XXXX and add a note to the RFC editor that XXXX should be replaced with the
RFC# assigned to the draft.

Yes.  That document is already in the RFC Editor's queue.  It will have an RFC number before this document is published.


Dhruv: I like the practice of using RFC XXXX with the RFC editor note. Something like -- "...KEMRecipientInfo as specified in RFC XXXX."
"RFC Editor Note: Please replace XXXX with the RFC number allocated to draft-ietf-lamps-cms-kemri and remove this note".

I see.  I'll do a PR for that.


- Throughout the I-D there are various MUST conditions, it is unsure to me what
happens when those conditions are not met.

Some of the MUST statements are needed to properly implement RSA-KEM.  One has implemented a different (probably less secure) algorithm if the MUST statements are not follow, especially these:

   The RSA-KEM Algorithm provides a fixed-length ciphertext.  The
   recipient MUST check that the received byte string is the expected
   length and the expected length and corresponds to an integer in the
   expected range prior to attempting decryption with their RSA private
   key as described in Steps 1 and 2 of Appendix A.2.



Dhruv: I understand that, I was wondering if there is any existing reference that one could point to say that the error handling is as per existing RFCs? Feel free to ignore the comment if it doesn't make sense, you are the expert :)

I cannot think of anything to reference here.


- Section A.1, step 2 - "Encrypt the random integer Z..."; shouldn't this be z
instead of Z. I see RFC 5099 used z. Why was that changed?

RFC 5990 uses both z and Z.

    Z = IntegerToString (z, nLen)


Dhruv: I understood that lowercase z is the integer, whereas Z is the string and since the text uses "random integer", I thought this ought to be z instead of Z. Am I wrong? 

In RFC 5990, you do math on z (e.g., c = z^e mod n).  I believe the same is true in rfc5990bis (e.g., z = ct^d mod n).

Russ

-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux