OASIS Charter Submission Discuss

RE: [oasis-charter-discuss] EKMI

  • 1.  RE: [oasis-charter-discuss] EKMI

    Posted 11-19-2006 03:03
     
    > From: Arshad Noor [mailto:arshad.noor@strongauth.com] 
    
    > The confusion between the WG and TC charters arises because 
    > of the industry's (sometimes misguided) notion for referring 
    > to the "shared secrets" of authentication credentials as 
    > "symmetric keys" - which is similar to the term used by 
    > cryptographers when referring to encryption/decryption keys 
    > used with symmetric ciphers.
    
    The use of the term symmetric key to refer to a MAC key is the accepted term in the field.
    
    There are several proposed MAC modes for AES and there are several composite encryption/authentication modes for block ciphers.
    
    
    > In addition, the use of such algorithms (3DES, AES) and 
    > symmetric-encryption keys by the KEYPROV protocols to 
    > protect the "shared credential secret" during provisioning, 
    > adds to the confusion.
    > Some might be misled into thinking that 3DES/AES keys are 
    > being provisioned by the Provisioning System for general use 
    > by business applications, as opposed to the use of those 
    > symmetric encryption keys by the Provisioning System and the 
    > Credential Container for securely transporting the 
    > credential-secret between the two.
    
    Such misperceptions are not a concern. It is not our job to give people tutorials in network protocol design.