[cryptography] IETF Working Group Charter on Common Interface to Cryptographic Modules (CICM)

Nico Williams nico at cryptonector.com
Thu Jun 23 20:13:29 EDT 2011


On Wed, Jun 22, 2011 at 9:16 AM, Marsh Ray <marsh at extendedsubset.com> wrote:
> * There already are crypto APIs being defined in RFCs, they're just ad-hoc
> and lacking interoperability. E.g.
> http://tools.ietf.org/html/rfc6234#section-8.1

See also RFC3961 (the Kerberos V5 cryptosystem).

Specifying an abstract API for the Kerberos cryptosystem made security
analysis of subsequent Kerberos RFCs easier.  It also helped
implementors.

The Kerberos cryptosystem is too specific in its purpose to be a good
general-purpose crypto API.  But it is a good example of a standard
crypto API.

Nico
--



More information about the cryptography mailing list