Judy,
Comments in line...
spt
Furlong_Judith@emc.com wrote:
> When I was writing up the new section for the KMIP Usage Guide I
> reviewed the key format definitions in the KMIP Specification (see
> section 2.1.7). I noticed that we are using different terminology when
> describing DSA (section 2.1.7.2/3) keys and DH (section 2.7.1.6/7) and
> that the order of parameters is slightly different between the two
> sections. Given that the same key could be used in both of these
> algorithms it may make some sense to make these two sections consistent
> with one another.
>
> Here is a summary of the discrepancies between the two sections...
>
> * In sections 2.1.7.2/3 in the text below the tables we refer to Q
> as the prime divisor while in sections 2.1.7.6/7 in the text below the
> tables we refer to Q as the prime factor. We should standardize upon
> one term either divisor or factor and use it in both sections.
From 186-3:
Section 2
  q  1. For DSA, one of the DSA domain parameters; a prime factor of p – 1.
     2. For RSA, a prime factor of the modulus n.
  Q  An ECDSA public key.
Section 4 (DSA)
  q  a prime divisor of (p-1)
So I think you can pick your poison. Personally, I don't care which it is.
> * In sections 2.1.7.6/7 in the text below the tables please change
> 'P is the prime, ...' to 'P is the prime modulus,...' to make these
> sections consistent with section 2.1.7.2/3
See above.
> * In Table 10 the order of key components is P, Q, G, X while in
> Table 14 the order of key components is P, G, Q, J, X -- I would
> recommend that we change the order in Table 14 to P, Q, G, J, X and the
> text below Table 14 should be reordered in the same manner.
DSA has three parameters p, q, and g. The DSA private key is referred
to as x as per FIPS 186-3 and the DSA public key is referred to as y in
FIPS 186-3.
What's J? I couldn't find it.
> * In Table 11 the order of key components is P, Q, G, Y while in
> Table 15 the order of key components is P, G, Q, J, X -- I would
> recommend that we change the order in Table 15 to P, Q, G, J, Y and the
> text below Table 14 should be reordered in the same manner.
See above.
> Also one other comment on Section 2.1.7.11 (ECDH Public Key) -- in the
> text below the table we have a reference to FIPS 186-3 -- Given that
> this document does not describe ECDH I'd suggest removing the text in
> parentheses.
Should we point to NIST SP 800-57-1 instead?
> Judy
>
> Judith Furlong | Principal Product Manager | EMC Product Security Office
> | RSA -The Security Division of EMC | t: 508 249 3698 | e:
> Furlong_Judith@emc.com