- From: Christopher Langton <chris@langton.cloud>
- Date: Mon, 12 Jul 2021 05:44:26 +0000
- To: "public-credentials@w3.org" <public-credentials@w3.org>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
- Message-ID: <h5V7Vq6ndpToeXGlL8PqMMKHEc-Zy5jxXWea2XIrIWkSLruAJMNxjJIyOHeeopKrQKOeXpAhay8pe7p>
I noticed that draft-ietf-httpbis-message-signatures-05, which has replaced the expired draft-cavage-http-signatures-08, did not adopt many of the learnings of its predecessor, specifically regarding HMAC.

This draft currently accepts HMAC-SHA256; however, I recall reading that draft-cavage dropped support for it in earlier versions (9 or 10):

    Algorithm Name: hmac-sha256
    Status: deprecated, specifying signature algorithm enables attack vector.
    Canonicalization Algorithm: [RFC_THIS_DOCUMENT], Section 2.3: Signature String Construction [25]
    Hash Algorithm: RFC 6234 [RFC6234], SHA-256 (SHA-2 with 256-bits of digest output)
    Message Authentication Code Algorithm: RFC 6234 [RFC6234], Section 7.1: SHA-Based HMACs

and version 12 uses SHA512.

Is it fair to assume draft-ietf-httpbis-message-signatures-06, i.e. the next version, will deprecate HMAC-SHA256 also?

Might I suggest supporting any of the following, because they are 'interchangeable' in implementation-level detail in openssl and the majority of programming languages (and all libraries) that support an HMAC in the standard crypto construct:

    HMAC-SHA512
    HMAC-SHA3-256
    HMAC-SHA3-384
    HMAC-SHA3-512
    HMAC-BLAKE2B512

I have a proof of concept in Golang and Ruby at a past employer, and have my own proofs of concept showing they are also interchangeable in bash using openssl, python using hashlib, nodejs using crypto, and JavaScript using Crypto.JS.

I hope this is accepted. I am looking forward to HTTP signed requests getting published out of draft and more widely adopted, because the alternatives are overly complex (at the implementation level) or offer some security charade (Hawk Authentication). This technical spec is a great balance of complex security characteristics and knowledge of the necessary implementation work developers will need to do.

Regards
Christopher Langton
Attachments
- application/pgp-keys attachment: publickey_-_chris_langton.cloud_-_0x6D9E0FA9.asc
Received on Monday, 12 July 2021 07:31:35 UTC
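
The following is an added example, not code from the message above or from either draft. It shows the listed HMAC variants behind one Python `hmac`/`hashlib` call, with a verifier that pins the algorithm to the key instead of taking it from the message, which is the concern behind the quoted "specifying signature algorithm enables attack vector" status. The key ids, secrets, lower-case algorithm names and signing string are constructed for illustration, and the signing string is simplified rather than the canonicalization of either draft.

```python
import hashlib
import hmac

# Algorithm names from the message, mapped to hashlib constructors.
ALGORITHMS = {
    "hmac-sha512": hashlib.sha512,
    "hmac-sha3-256": hashlib.sha3_256,
    "hmac-sha3-384": hashlib.sha3_384,
    "hmac-sha3-512": hashlib.sha3_512,
    "hmac-blake2b512": hashlib.blake2b,  # default digest size is 64 bytes
}

# Constructed key store: the verifier pins exactly one algorithm per key id.
KEYS = {
    "client-a": (b"constructed-demo-secret-a", "hmac-sha512"),
    "client-b": (b"constructed-demo-secret-b", "hmac-sha3-256"),
}

# Constructed, simplified signing string (assumption, not the draft's exact format).
SIGNING_STRING = (
    b"(request-target): post /foo\n"
    b"host: example.org\n"
    b"date: Mon, 12 Jul 2021 05:44:26 GMT"
)


def sign(key, alg, signing_string):
    """Return the raw MAC; only the digest constructor differs between algorithms."""
    return hmac.new(key, signing_string, ALGORITHMS[alg]).digest()


def verify(key_id, claimed_alg, signing_string, signature):
    """Verify with the algorithm pinned to the key, never the one the message names."""
    entry = KEYS.get(key_id)
    if entry is None:
        return False
    key, pinned_alg = entry
    # A claimed algorithm is only compared against the pin; it never selects the digest.
    if claimed_alg is not None and claimed_alg != pinned_alg:
        return False
    expected = sign(key, pinned_alg, signing_string)
    # Constant-time comparison avoids leaking how many leading bytes matched.
    return hmac.compare_digest(expected, signature)


if __name__ == "__main__":
    for name in ALGORITHMS:
        print(name, sign(b"constructed-demo-secret-a", name, SIGNING_STRING).hex())
```
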