- From: Ryan Sleevi <sleevi@google.com>
- Date: Mon, 13 Aug 2012 15:20:56 -0700
- To: Anders Rundgren <anders.rundgren@telia.com>
- Cc: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
On Sat, Aug 11, 2012 at 11:54 PM, Anders Rundgren <anders.rundgren@telia.com> wrote:
> The security consideration part of the current draft mentions "tainting" as one example of protecting keys against possible algorithm multiuse (=misuse).
> IMO, this is an issuer problem, not a UA ditto.
>
> A better solution would be to mark the key during creation as only usable with a specific set of algorithms.

Thank you for your input. This had been discussed at a very high level during discussions that led to ACTION-18.

I think it is important that we're able to support both types of key generation operations. That is, "generate me an RSA key pair of size X" and "generate me an RSA key pair of size X that is usable for RSA-PSS signature creation with algorithms A, B, or C as the hash and algorithm D as the mgf".

The latter form has some degree of appeal, in that the caller can ensure that the key they generate will be usable for the operation they desire. However, this requires callers to fully enumerate their desired uses, and (if allowed to have an OR/AND syntax), complexities regarding incompatible usages.

This is something that should be resolved once ACTION-18 has proposed text attached.

>
> Nope, it doesn't match well with PKCS #11...
>
> Yep, that's the way it is done in SKS :-)
>
> Anders
>

Received on Monday, 13 August 2012 22:21:26 UTC