W3C home > Mailing lists > Public > xml-encryption@w3.org > April 2002

Re: FW: Re: rsa/oaep

From: Donald Eastlake 3rd <dee3@torque.pothole.com>
Date: Thu, 25 Apr 2002 00:40:50 -0400 (EDT)
To: xml-encryption@w3.org
Message-ID: <Pine.LNX.4.44.0204250005270.28918-100000@netbusters.com>
The whole concept of "a long term naming conventon for the use of OAEP"
seems odd to me. There are increasing doubts about the extent to which
OAEP actually strengthens things in practice and increasing doubts that
its promoise of "Optimal" is true. I believe that by the time people
want to use SHA-256 and a different Mask Generator Fuction, etc., they
are going to want to do something other than OAEP.

Seems to me that we should stick with the current implemented URI for
the currently implemented algorithm with the current parameters. If and
when it is desired to change one or more of the possible algorithmic
parameters which are not provided for but are fixed as an impliation of
the current URI, then a new URI should be picked which probably allows
all of the algorithms parameters allowed in the ASN.1 syntax. But as I
say, my guess is that by the time there is really pressure for this,
people will be doing ROAEP (Really Optimal Asymmetric Encryption
Padding, a name I just made up) or something...

Donald
======================================================================
 Donald E. Eastlake 3rd                       dee3@torque.pothole.com
 155 Beaver Street              +1-508-634-2066(h) +1-508-851-8280(w)
 Milford, MA 01757 USA                   Donald.Eastlake@motorola.com

On Mon, 15 Apr 2002, Tom Gindin wrote:

> Date: Mon, 15 Apr 2002 11:36:07 -0400
> From: Tom Gindin <tgindin@us.ibm.com>
> To: reagle@w3.org
> Cc: Jiandong Guo <jguo@phaos.com>, xml-encryption@w3.org
> Subject: Re: FW: Re: rsa/oaep
> Resent-Date: Mon, 15 Apr 2002 11:38:53 -0400 (EDT)
> Resent-From: xml-encryption@w3.org
>
>
>       Joseph:
>
>       I was proposing this as a long-term naming convention for the use of
> OAEP.  I did not propose that we replace the existing URI, merely that we
> document that the existing URI is "RSA with OAEP and SHA-1 used for both
> the hash algorithm and the MGF".
>
>             Tom Gindin
>
> Joseph Reagle <reagle@w3.org> on 04/12/2002 03:28:30 PM
>
> Please respond to reagle@w3.org
>
> To:    Tom Gindin/Watson/IBM@IBMUS, Jiandong Guo <jguo@phaos.com>
> cc:    xml-encryption@w3.org
> Subject:    Re: FW: Re: rsa/oaep
>
>
> On Wednesday 10 April 2002 17:23, Tom Gindin wrote:
> > By the way, the proposed URI is legitimate
> > under this convention, although it's a simplified case.
>
> I don't think we would simplify the issue by maintaining two URIs (and
> complicating it with a SHOULD). Given that there is an opposition to
> change, I think we just have to stick with what we have.
>
>
>
>
>
Received on Thursday, 25 April 2002 00:40:51 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:21 GMT