W3C home > Mailing lists > Public > xml-encryption@w3.org > April 2002

Re: FW: Re: rsa/oaep

From: Tom Gindin <tgindin@us.ibm.com>
Date: Tue, 16 Apr 2002 14:15:51 -0400
To: reagle@w3.org
Cc: "Eastlake <Donald.Eastlake@motorola.com>"@pok.ibm.com, xml-encryption@w3.org
Message-ID: <OF0163D423.164988B7-ON85256B9D.0063963F@pok.ibm.com>

      Joseph:

      No, SHA-1 is the default MGF hash, not the only one.  In fact, I
don't even see a constraint that the MGF and regular hash functions need to
be the same size.  A suggestion that the two hash functions should be the
same is made with respect to the PSS signature technique.
      In any case, we won't be defaulting anything in code.  The only
defaults are in the naming convention.

            Tom Gindin


Joseph Reagle <reagle@w3.org> on 04/16/2002 01:56:26 PM

Please respond to reagle@w3.org

To:    Tom Gindin/Watson/IBM@IBMUS, "Eastlake
       <Donald.Eastlake@motorola.com>"
cc:    xml-encryption@w3.org
Subject:    Re: FW: Re: rsa/oaep


On Monday 15 April 2002 11:36, Tom Gindin wrote:
>       I was proposing this as a long-term naming convention for the use
> of OAEP.  I did not propose that we replace the existing URI, merely that
> we document that the existing URI is "RSA with OAEP and SHA-1 used for
> both the hash algorithm and the MGF".

Sorry for the misunderstaing Tom. Let me ask a question then. I've stated
I'm not comfortable with change to making SHA-1 the default value of the
DigestMethod being SHA-1. (Implicit semantics are generally avoided). I
plan to remove this on the next edits I do. *Whatever* algorithm provided
in DigestMethod is used by RSAES-OAEP-ENCRYPT. However, regardless of the
specified DigestMethod, SHA-1 is always used for the MGF1?
Received on Tuesday, 16 April 2002 14:16:28 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:20 GMT