Script updating gh-pages from e6c70b6. [ci skip]

lamps-wg · Nov 27, 2023 · a0cedfe · a0cedfe
1 parent 8196fe8
commit a0cedfe
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 16 deletions.
diff --git a/draft-ietf-lamps-rfc4210bis.html b/draft-ietf-lamps-rfc4210bis.html
@@ -3855,8 +3855,7 @@ <h4 id="name-proof-of-possession-structu">
 <a href="#section-5.2.8" class="section-number selfRef">5.2.8. </a><a href="#name-proof-of-possession-structu" class="section-name selfRef">Proof-of-Possession Structures</a>
           </h4>
 <p id="section-5.2.8-1">&lt; ToDo: This section should be aligned with <a href="#sect-4.3" class="auto internal xref">Section 4.3</a> of this document and
-RFC 4211 Section 4. It should potentially be restructured
-and updated for better readability. Also some inconsistencies in Section 5.2.8.3 resulting from the update of RFC2510 to RFC4210 should be fixed. &gt;<a href="#section-5.2.8-1" class="pilcrow">¶</a></p>
+RFC 4211 Section 4.  May be an addition regarding challenge-response pop for KEM-Keys is required.&gt;<a href="#section-5.2.8-1" class="pilcrow">¶</a></p>
 <p id="section-5.2.8-2">If the certification request is for a key pair that supports signing , then
 the proof-of-possession of the private signing key is demonstrated through
 use of the POPOSigningKey structure as defined in <span>[<a href="#RFC4211" class="cite xref">RFC4211</a>]</span>.<a href="#section-5.2.8-2" class="pilcrow">¶</a></p>
@@ -3995,13 +3994,13 @@ <h5 id="name-challenge-response-protocol">
 is replaced with "(i.e., the certificate encrypted under the symmetric key
 derived from the CA's private KAK and the public key for which the certification
 request is being made)"; (2) the first
-parenthetical text of the challenge field of "Challenge" below is
+parenthetical text of the challenge field of "Challenge" in the ASN.1 Module of <a href="#sect-f" class="auto internal xref">Appendix F</a> is
 replaced with "(using PreferredSymmAlg (see <a href="#sect-5.3.19.4" class="auto internal xref">Section 5.3.19.4</a> and <a href="#sect-d.5" class="auto internal xref">Appendix D.5</a>)
 and a symmetric key derived from the CA's private KAK and the public key
 for which the certification request is being made)".  Alternatively, the
 POP can use the POPOSigningKey structure
 given in <span>[<a href="#RFC4211" class="cite xref">RFC4211</a>]</span> (where the alg field is DHBasedMAC and the signature
-field is the MAC) as a fourth alternative for demonstrating POP if
+field is the MAC). As a fourth alternative for demonstrating POP if
 the CA already has a D-H certificate that is known to the EE.<a href="#section-5.2.8.3-5" class="pilcrow">¶</a></p>
 <p id="section-5.2.8.3-6">The challenge-response messages for proof-of-possession of a private
 decryption key are specified as follows (see <span>[<a href="#MvOV97" class="cite xref">MvOV97</a>]</span>, p.404 for

diff --git a/draft-ietf-lamps-rfc4210bis.txt b/draft-ietf-lamps-rfc4210bis.txt
@@ -2203,10 +2203,8 @@ Table of Contents
 5.2.8.  Proof-of-Possession Structures
 
    < ToDo: This section should be aligned with Section 4.3 of this
-   document and RFC 4211 Section 4.  It should potentially be
-   restructured and updated for better readability.  Also some
-   inconsistencies in Section 5.2.8.3 resulting from the update of
-   RFC2510 to RFC4210 should be fixed. >
+   document and RFC 4211 Section 4.  May be an addition regarding
+   challenge-response pop for KEM-Keys is required.>
 
    If the certification request is for a key pair that supports signing
    , then the proof-of-possession of the private signing key is
@@ -2335,14 +2333,15 @@ Table of Contents
    Section 5.2.8.2 is replaced with "(i.e., the certificate encrypted
    under the symmetric key derived from the CA's private KAK and the
    public key for which the certification request is being made)"; (2)
-   the first parenthetical text of the challenge field of "Challenge"
-   below is replaced with "(using PreferredSymmAlg (see Section 5.3.19.4
-   and Appendix D.5) and a symmetric key derived from the CA's private
-   KAK and the public key for which the certification request is being
-   made)".  Alternatively, the POP can use the POPOSigningKey structure
-   given in [RFC4211] (where the alg field is DHBasedMAC and the
-   signature field is the MAC) as a fourth alternative for demonstrating
-   POP if the CA already has a D-H certificate that is known to the EE.
+   the first parenthetical text of the challenge field of "Challenge" in
+   the ASN.1 Module of Appendix F is replaced with "(using
+   PreferredSymmAlg (see Section 5.3.19.4 and Appendix D.5) and a
+   symmetric key derived from the CA's private KAK and the public key
+   for which the certification request is being made)".  Alternatively,
+   the POP can use the POPOSigningKey structure given in [RFC4211]
+   (where the alg field is DHBasedMAC and the signature field is the
+   MAC).  As a fourth alternative for demonstrating POP if the CA
+   already has a D-H certificate that is known to the EE.
 
    The challenge-response messages for proof-of-possession of a private
    decryption key are specified as follows (see [MvOV97], p.404 for