Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added a Use In CMS section #15

Merged
merged 13 commits into from
Mar 2, 2024
Merged

Added a Use In CMS section #15

merged 13 commits into from
Mar 2, 2024

Conversation

ounsworth
Copy link
Contributor

@ounsworth ounsworth commented Feb 6, 2024
edited
Loading

Adding this section here avoids the need for a wrapper draft telling you how to use composite KEM in CMS.

Closes #12

@ounsworth
Copy link
Contributor Author

ounsworth commented Feb 13, 2024
edited
Loading

Note-to-self: look at whether we need to specify higher levels of KDF and WRAP for the stronger algorithms -- see how DVG did it in the CMS-Kyber draft.

UPDATE: done.

@ounsworth
Copy link
Contributor Author

ounsworth commented Feb 14, 2024
edited
Loading

Question: does the ## Certificate Conventions section collide with the recently-merged Key Usage section?

UPDATE: I think this is fine because this section is intended to be able to be standalone if LAMPS wants the alg definitions, and the "Use in CMS" to become separate documents.

danvangeest
danvangeest reviewed Feb 15, 2024
View reviewed changes
@ounsworth
Copy link
Contributor Author

We also need to add the SMIME-CAPS to the ASN.1 (find a good example doc).

danvangeest
danvangeest reviewed Feb 23, 2024
View reviewed changes
Copy link
Contributor

@danvangeest danvangeest left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry! I created this review last week but forgot to actually submit it!

@ounsworth
Copy link
Contributor Author

ounsworth commented Feb 29, 2024
edited
Loading

Thanks for the review @danvangeest

Still TODO:

  • We also need to add the SMIME-CAPS to the ASN.1 (find a good example doc).
    • UPDATE: done.

@ounsworth
Copy link
Contributor Author

Review comments from Russ:

Mike:

You are using a mix of "wrap algorithm" and "key-encryption algorithm". CMS usually uses the later. Line 683 got it just right. That is, id-aes256-Wrap identifies a particular key-encryption algorithm. I am not sure the text at the top is aligned.

Line 663: I think you need o say how that happens. In some cases a different OID is used, but in others a different parameter value is used.

Line 675: make it clear thet it is the KEM.Encaps(pk). The function is specific to the KEM identified in 'kem'.

Line 681: Do any of your composite KEM algorithms REQUIRE a ukm? I can imagine a way to use DH and ECDH that require a UKM.

Russ

danvangeest
danvangeest reviewed Mar 2, 2024
View reviewed changes
@ounsworth ounsworth merged commit 5c2e3c0 into main Mar 2, 2024
2 checks passed
@ounsworth ounsworth deleted the mikeo_use_in_cms branch March 2, 2024 22:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@job job job left review comments

@danvangeest danvangeest danvangeest left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add a section "Use in CMS"
3 participants
@ounsworth @job @danvangeest