Ben Laurie on OpenSSL algorithms (and Elliptic Curve)

With Ben Laurie's permission, below is an exchange regarding OpenSSL  
and its support for various algorithms.
regards, Frederick

Frederick Hirsch
Nokia



Begin forwarded message:

> From: "ext Ben Laurie" <benl@google.com>
> Date: January 22, 2009 11:41:37 PM EST
> To: Frederick Hirsch <frederick.hirsch@nokia.com>
> Cc: Arthur Barstow <art.barstow@nokia.com>
> Subject: Re: OpenSSL algorithms (and Elliptic Curve)
>
> On Fri, Jan 23, 2009 at 3:54 AM, Frederick Hirsch
> <frederick.hirsch@nokia.com> wrote:
>> Ben
>> I have a question related to OpenSSL that is relevant to the W3C  
>> Widgets
>> work in the Web Applications WG, as well as the W3C XML Security WG.
>>
>> It looks to me, looking at the Open SSL openssl-0.9.8j  
>> distribution, that
>> elliptic curve is included by default. Is that a correct  
>> interpretation?
>
> Yes, I believe so.
>
>> (I
>> assume this is the Sun contribution that was made earlier[1]?)
>> The README appears to be slightly out of date, and I was not able  
>> to find a
>> list of supported algorithms. Do you know if the following  
>> algorithms are
>> included in the latest OpenSSL release?
>
> I think so, but without checking the code I can't be sure, and I'm
> travelling right now. Except DSAwithSHA1, which has always been there.
> I thought (but I could be behind the times) that DSAwithSHA256 had not
> yet been standardised?
>
>> digest
>> SHA-256
>> mac
>> HMAC-SHA256
>> signature
>> RSAwithSHA256
>> ECDSAwithSHA256
>> DSAwithSHA1
>> DSAwithSHA256
>>
>> One reason I ask is that the W3C XML Security WG has 1.1 drafts of  
>> XML
>> Signature [2] and XML Encryption [3] that contain an algorithm  
>> update, and
>> I'd like to understand which of these are already in OpenSSL. This  
>> could
>> also impact widgets adoption.
>> Do you have any comment on the IPR status of elliptic curve as  
>> viewed by
>> OpenSSL?
>
> No, we try to avoid having views on IPR.
>
>> If you have any comment on the XML Signature 1.1 or XML Encryption  
>> 1.1
>> changes, please let me know.
>> Thanks
>> regards, Frederick
>> Frederick Hirsch
>> Nokia
>> [1] http://research.sun.com/projects/crypto/FrequenlyAskedQuestions.html
>> [2] http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview_diff.htm#sec-AlgID
>> [3] http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/Overview_diff.htm
>>

Received on Thursday, 2 April 2009 15:14:30 UTC