Vote Details

Ballot: Revised DSA mechanism proposal
Company: Thales e-Security
Vote: Yes
Comment:
I vote YES with the following recommended corrections to typos/oversights:

1) Replace all occurrences of FIPS PUB 186-2 and 186-3 with FIPS PUB 186-4.

2) Typo: replace all occurrences of 'PROBALISTIC' with 'PROBABILISTIC'

3) Typo: replace all occurrences of 'PARAMTER' with 'PARAMETER'

4) 1.1.6 needs a clarifying statement reflecting the new required parameter CKA_SUBPRIME_BITS. Specifically I recommend replacing the sentence, "The mechanism generates DSA domain parameters with a particular prime length in bits, as specified in the CKA_PRIME_BITS attribute of the template." with "The mechanism generates DSA domain parameters with a particular prime and subprime length in bits, as specified by the CKA_PRIME_BITS and CKA_SUBPRIME_BITS attributes of the template."

5) Correct oversights in 1.1.10 with respect to the new functionality which is no longer tied to 1024/160 bit prime/subprime lengths. Specifically, remove references to 20-byte hash values, or 40-byte strings and make these references generic as reflected in table 4. Mirroring the changes as already completed in section 1.1.11 should be sufficient.

6) Table 4 should refer to bytes, not bits. Also, a 64 byte input length is not supported given that subprime lengths are limited to 384 bits (e.g. 48 bytes max).