- From: Ilari Liusvaara <ilariliusvaara@welho.com>
- Date: Sat, 19 Jun 2021 18:45:59 +0300
- To: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
On Fri, Jun 18, 2021 at 04:47:42PM -0400, Justin Richer wrote: > As discussed on the interim call this week, there’s a proposal for > changing the algorithm identifiers used in the message signatures > draft. There was spirited discussion on the topic, which I’ll try > to summarize here, and it’s been discussed in the following issue: > > https://github.com/httpwg/http-extensions/issues/1510 <https://github.com/httpwg/http-extensions/issues/1510> > > The editors have defined the following identifiers in the current draft, to be used with fully-specified cryptographic algorithms: > > - rsa-v1_5-sha256 > - rsa-pss-sha512 > - hmac-sha256 > - ecdsa-p256-sha256 > > Additional algorithms can be defined in an IANA registry, and as stated above, applications are free to use their own signature algorithms without registering a code point. > > The counter-proposal in question (at the issue above) proposes a date-based method for identifiers instead (replacing each identifier in the above list respectively): > > - rsa-2003 > - rsa-2005 > - hmac-2006 > - ecdsa-2013 > > > The sentiment on the call seemed fairly clear, but the editors are > seeking feedback and consensus as to whether the registered draft > should switch to the date-based identifier format as proposed or > to keep the current labels. Another point: Since abstract signatures and abstract MACs exist, algorithms only really make sense if there are multiple possible algorithms for a single key (this is usually not cryptographically kosher). RSA does have two possible algorithms, but looks like HMAC and (one subtype of) ECDSA only have one. -Ilari
Received on Monday, 21 June 2021 05:41:58 UTC