W3C home > Mailing lists > Public > public-xmlsec@w3.org > July 2012

Re: Possible missing algorithms?

From: <Frederick.Hirsch@nokia.com>
Date: Fri, 6 Jul 2012 16:44:35 +0000
To: <cantor.2@osu.edu>
CC: <Frederick.Hirsch@nokia.com>, <public-xmlsec@w3.org>
Message-ID: <FB538FA7-63CD-464C-BBF7-2D08D5DCA30A@nokia.com>
Scott

You are correct;  RFC 4051 [1] has an algorithm identifier for ECDSA-SHA224 in section 2.3.6, suggesting the omission was an oversight:

      http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224

It is also listed in the XML Security Algorithms Cross-Reference [2].

Thus I suggest we agree it should be added to the XML Signature 1.1 draft.

HMAC with 224 is listed in RFC 4051 but not in XML Signature 1.1 or the XML Security Algorithms Cross-Reference. Since it is in RFC 4051 I propose it should be added to XML Signature 1.1 and the cross reference, for consistency with RFC 4051.

Neither RFC 4051 nor the "XML Security Algorithms Cross-Reference " have an algorithm identifier for  "RSA with SHA-224". It could be added for consistency, but the URL should be defined in RFC 4051 (but is not). It would be very confusing if it were not of the same form.

I'll ask Donald about that, as we also have the open question of what to do with ECDSA-RIPEMD and  ECDSA-WHIRLPOOL.

All : any objection to adding ECDSA-SHA224 and HMAC-SHA224 to XML Signature 1.1 (and to the cross reference for HMAC-SHA224)? Please +1 if ok with it.

Any other suggestions regarding RSA-SHA224? 

regards, Frederick

Frederick Hirsch
Nokia

[1] http://www.ietf.org/rfc/rfc4051.txt

[2] http://www.w3.org/2008/xmlsec/Drafts/xmlsec-algorithms/Overview.html#ECDSA

On Jul 5, 2012, at 2:18 PM, ext Cantor, Scott wrote:

> In the vein of that AES-192 oversight, what is the status of RSA and ECDSA with SHA224?
> 
> I inherited some code that does define a URI constant for RSAw/SHA224, but I don't see it anywhere, so I'm wondering if it was a bug.
> 
> I also noted though that RFC 4051 does define a constant for ECDSA w/ 224, but it's not in the Sig 1.1 draft. Same goes for HMAC with 224 actually.
> 
> And I do see the latter two in the alg cross reference, so I'm thinking bug in Sig 1.1?
> 
> -- Scott
> 
> 
Received on Friday, 6 July 2012 16:45:24 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 6 July 2012 16:45:24 GMT