> From: Arshad Noor [mailto:arshad.noor@strongauth.com]
> The confusion between the WG and TC charters arises because
> of the industry's (sometimes misguided) notion for referring
> to the "shared secrets" of authentication credentials as
> "symmetric keys" - which is similar to the term used by
> cryptographers when referring to encryption/decryption keys
> used with symmetric ciphers.
The use of the term symmetric key to refer to a MAC key is the accepted term in the field.
There are several proposed MAC modes for AES and there are several composite encryption/authentication modes for block ciphers.
> In addition, the use of such algorithms (3DES, AES) and
> symmetric-encryption keys by the KEYPROV protocols to
> protect the "shared credential secret" during provisioning,
> adds to the confusion.
> Some might be misled into thinking that 3DES/AES keys are
> being provisioned by the Provisioning System for general use
> by business applications, as opposed to the use of those
> symmetric encryption keys by the Provisioning System and the
> Credential Container for securely transporting the
> credential-secret between the two.
Such misperceptions are not a concern. It is not our job to give people tutorials in network protocol design.