Re: draft-ietf-smime-aes-alg-06.txt

["Steven M. Bellovin" <smb@research.att.com>]

In message <7D5D48D2CAA3D84C813F5B154F43B155016A3102@nl0006exch001u.nl.lucent.c
om>, "Wijnen, Bert (Bert)" writes:
>Since I get to see a lot of OID stuff in SNMP and BER encodings
>of it, I wondered.

I assume you mean "ASN.1" instead of "SNMP"...
>
>What I see in this doc is:
>
>bottom of page 4 (example 1):
>        30 11
>         06 09 60 86 48 01 65 03 04 01 05           ; AES-128 wrap OID
>page 5 (example 2):
>      30 11
>         06 09 60 86 48 01 65 03 04 01 2c            ; AES-256 wrap OID
>top of page 6:
>      30 11
>         06 09 60 86 48 01 65 03 04 01 2c            ; AES-256 wrap OID
>
>And in section 2.3.2 (page 6):
>
>   NIST has assigned the following OIDs to define the AES key wrap
>   algorithm.
>
>        id-aes128-wrap OBJECT IDENTIFIER ::= { aes 5 }
>        id-aes192-wrap OBJECT IDENTIFIER ::= { aes 25 }
>        id-aes256-wrap OBJECT IDENTIFIER ::= { aes 45 }
>
>From that, it seems to me that 
>         06 09 60 86 48 01 65 03 04 01 2c            ; AES-256 wrap OID
>is not in sync with 
>        id-aes256-wrap OBJECT IDENTIFIER ::= { aes 45 }
>Because I think that the 2c at the end should be 2d in order to 
>represent the last subid of 45 
>

I'll let Russ comment.  (I'm taking the day off, and probably ignoring 
most of my email until Monday, especially anything that looks like it 
will take thought or work.)


		--Steve Bellovin, http://www.research.att.com/~smb (me)
		http://www.wilyhacker.com (2nd edition of "Firewalls" book)