Re: PKCS 1.5 signatures deprecated? from Ryan Sleevi on 2012-08-17 (public-webcrypto-comments@w3.org from August 2012)

From: Ryan Sleevi <sleevi@google.com>
Date: Fri, 17 Aug 2012 10:28:50 -0700
To: Anders Rundgren <anders.rundgren@telia.com>
Cc: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>, Harry Halpin <hhalpin@w3.org>, GALINDO Virginie <Virginie.GALINDO@gemalto.com>, Wendy Seltzer <wseltzer@w3.org>
Message-ID: <CACvaWvb9yNukA_MR_mYPRMEB+CFYAcD2nSis8-v32xPRNnsfDw@mail.gmail.com>

On Thu, Aug 16, 2012 at 9:40 PM, Anders Rundgren
<anders.rundgren@telia.com> wrote:
> It seems from the list of algorithms that the signature method used by 99.99% of all existing
> applications has been deprecated since it is not listed.
>
> It doesn't get less puzzling when W3C's latest XML Signature draft
> http://www.w3.org/TR/xmldsig-core2 <http://www.w3.org/TR/xmldsig-core2/>
> list PKCS 1.5 signatures as REQUIRED and doesn't even mention the RSA-PSS algorithm as OPTIONAL!
>
> No, I'm not a cryptographer but AFAIK nobody has cracked PKCS 1.5 signatures
> in the way that has happened with PKCS 1.5 encryption and recently with AES-CBC.
>
> Feel free RECOMMEND whatever the "crypto-skeptical-community" thinks is OK,
> but ignoring the de-facto standard is probably not a great idea.
>
> Anders
>

Anders,

The draft is a live, in-progress draft being worked about the the
working group members who have agreed to the W3C Participation
Guidelines, as described on
http://www.w3.org/2004/01/pp-impl/54174/instructions . Priority to
both use cases and feedback is thus naturally granted to the
participating members, whose consensus forms the basis for the outputs
of this WG.

This draft has not advanced to First Public Working Draft, nor is it
reflective of the full consensus of the WG and the full direction that
will be taken. Thus, the absence of PKCS#1 v1.5/2.0/2.1 is by no means
a reflection of a decision not to support it, nor is the list of any
algorithms currently present a firm commitment to support them.

I would encourage you to wait before reviewing or commenting on the
document until FPWD, so then you can see what the consensus of the
group reflects. If you have issues with the draft at that point, I
encourage you to raise them, and they will be responded to. However, I
also encourage you to carefully review the charter, which has been
finalized, to see if the issues you will be raising - such as those
related to smart cards - have already been addressed as in-scope or
out-of-scope efforts.

When the WG is ready to publish the FPWD, I'm sure you'll be among the
first to comment, and I and my fellow editors will make every
reasonable attempt to respond to your feedback then.

Regards

Received on Friday, 17 August 2012 17:29:18 UTC