W3C home > Mailing lists > Public > public-xmlsec@w3.org > January 2009

Widget Signature Issue - DSA-SHA256 may not be good algorithm choice

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Thu, 8 Jan 2009 12:51:10 -0500
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>, XMLSec WG Public List <public-xmlsec@w3.org>
Message-Id: <A32F3E76-EE23-4DC0-B253-0A565BDFC6F8@nokia.com>
To: public-webapps <public-webapps@w3.org>

I would like to raise an issue related to Widget Requirement R46 which  
specifies DSA Signature [1] and the Widgets 1.0 Digital Signature  
editors draft [2] that requires DSA-SHA256 since this may not be a  
good algorithm choice.

One concern is availability of implementations,  a question that was  
raised on today's Web Applications teleconference.

I have a comment below from Brian LaMacchia, a  member of the XML  
Security WG, that notes the issue.

Much thanks Brian for noting this issue and expressing it clearly.

regards, Frederick

Frederick Hirsch
Nokia

[1] http://dev.w3.org/2006/waf/widgets-reqs/#r46.-

[2] http://dev.w3.org/2006/waf/widgets-digsig/#digital

Begin forwarded message:

> From: "ext Brian LaMacchia" <bal@exchange.microsoft.com>
> Date: January 8, 2009 12:23:09 PM EST
> To: Frederick Hirsch <frederick.hirsch@nokia.com>
> Subject: RE: DSA-SHA-256?
>
> No, my comment (I think) was that I was quite surprised by the  
> Widget folks choosing DSA-SHA256 as the mandatory-to-implement  
> signature alg, because (a) it's not a standard yet (until FIPS 186-3  
> comes out), (b) there are no widely-deployed implementations today,  
> and (c) I don't see any other standard org going in that direction.   
> Everyone is moving to ECDSA-SHA256 (if anything) -- that's what the  
> US Government is moving towards with the Suite B set of algorithms,  
> that's what we're moving to in 1.1, etc.
>
> SHA-1 is dying, so Widget clearly needs to use at least SHA-256.   
> But I would have expected them to go for ECDSA-SHA256 or (perhaps)  
> RSA-SHA256, but for small devices like cellphones ECDSA-SHA256 would  
> make more sense.
>
> Hope that helps,
>
> 					--bal
>>
>
Received on Thursday, 8 January 2009 17:51:53 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:57 GMT