W3C home > Mailing lists > Public > xml-encryption@w3.org > April 2002

Re: FW: Re: rsa/oaep

From: Jiandong Guo <jguo@phaos.com>
Date: Thu, 18 Apr 2002 13:00:00 -0400
Message-ID: <3CBEFB90.B591D26A@phaos.com>
To: reagle@w3.org
CC: Tom Gindin <tgindin@us.ibm.com>, xml-encryption@w3.org

Joseph Reagle wrote:

> On Thursday 18 April 2002 11:29, Jiandong Guo wrote:
> > The common sense is that if a parameter in a algorithm  is not present,
> > then the default should be used if there is one.
> As an aside, I'm likely to oppose this sort of specification as it is
> counter to the rest of the spec where if some bit of variable syntax is not
> present, the semantic is unkown (application defined) instead of an
> implicit (default) semantic.

I don't mean we should default anything. But the PKCS1 v2.0 specification
put a default value for each parameter of RSA_OAEP so that when it is not
this default value is supposed to be used. Since we are missing out the MGF
element in our syntax, it is natural to assume that we will use their default
MGF (which is MGF1SHA1)
So if we don't want to create a MGF child element in our schema, there is no
reason we should break this requirement.

Jiandong Guo
Phaos Technology

> Otherwise, it looks like we have a couple of options:
> 1. (the present scheme): the hash is user specified; mgf is SHA-1.
> 2. the hash and mgf is user specified and they are always the same.
> 3. the hash and mgf are independently user specified.
> --
> Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
> W3C Policy Analyst                mailto:reagle@w3.org
> IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature/
> W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/
Received on Thursday, 18 April 2002 12:59:06 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:32:03 UTC