- From: XML Security Working Group Issue Tracker <sysbot+tracker@w3.org>
- Date: Mon, 14 Dec 2009 14:47:30 +0000 (GMT)
- To: public-xmlsec@w3.org
ISSUE-158: Add SHA-1 warnings [Sig11 (XML Signature 1.1)] http://www.w3.org/2008/xmlsec/track/issues/158 Raised by: Frederick Hirsch On product: Sig11 (XML Signature 1.1) (from email http://lists.w3.org/Archives/Public/public-xmlsec/2009Dec/0033.html ) Do we need more text in XML Signature 1.1 regarding the suitability (or lack thereof) of SHA-1, and maybe a reference to the NIST recommendation to use SHA2 going forward from 2010 as well as the crypto regarding SHA-1? We probably also need to add this to the 1.1 requirements as well. Does anyone have a good pointer to a paper outlining why SHA-1 is no longer suitable? Is the suitable NIST reference the following, or is there a better one? [[ March 15, 2006: The SHA-2 family of hash functions (i.e., SHA-224, SHA-256, SHA-384 and SHA-512) may be used by Federal agencies for all applications using secure hash algorithms. Federal agencies should stop using SHA-1 for digital signatures, digital time stamping and other applications that require collision resistance as soon as practical, and must use the SHA-2 family of hash functions for these applications after 2010. After 2010, Federal agencies may use SHA-1 only for the following applications: hash-based message authentication codes (HMACs); key derivation functions (KDFs); and random number generators (RNGs). Regardless of use, NIST encourages application and protocol designers to use the SHA-2 family of hash functions for all new applications and protocols. ]] http://csrc.nist.gov/groups/ST/toolkit/secure_hashing.html
Received on Monday, 14 December 2009 14:47:32 UTC