W3C home > Mailing lists > Public > public-xg-webid@w3.org > January 2012

Re: URI Scheme for Cryto Hashes

From: Peter Williams <home_pw@msn.com>
Date: Mon, 9 Jan 2012 19:54:03 -0800
Message-ID: <snt0-p7-eas118602989C54286D204A99292990@phx.gbl>
To: Kingsley Idehen <kidehen@openlinksw.com>
CC: WebID XG <public-xg-webid@w3.org>
Fun variant is to use rsa signing as the "hash"

Use the ANSI rsa variant, not pkcs. Then the bytes of the signature wrap the content string.

Remember we can now do 2048 bit rsa pretty fast, revealing the uri within and authenticating in one go.

One needs raw mode of rsa which will generally verboten to consumers.

One uses oaep padding of the uri, to address adaptive cipher text vulnerabilities - against what would be publicly available cipher text.

The public keys for verifying the "hash" and unwrapping oaep (basically 2 round des used as an hmac) may or may not be published. They can be confidential.

The output of one can be wrapped by another (of 16 bits larger modulus).

Use the crypto. We are passed the cold war, limiting rsa for signing and key transport.

Sent from my iPhone

On Jan 9, 2012, at 2:53 PM, "Kingsley Idehen" <kidehen@openlinksw.com> wrote:

> All,
> FYI, please digest: http://tools.ietf.org/html/draft-hallambaker-digesturi-02 .
> -- 
> Regards,
> Kingsley Idehen    
> Founder&  CEO
> OpenLink Software
> Company Web: http://www.openlinksw.com
> Personal Weblog: http://www.openlinksw.com/blog/~kidehen
> Twitter/Identi.ca handle: @kidehen
> Google+ Profile: https://plus.google.com/112399767740508618350/about
> LinkedIn Profile: http://www.linkedin.com/in/kidehen
Received on Tuesday, 10 January 2012 03:54:35 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:06:29 UTC