Re: Possible missing algorithms? from Bruce Rich on 2012-07-06 (public-xmlsec@w3.org from July 2012)

From: Bruce Rich <brich@us.ibm.com>
Date: Fri, 6 Jul 2012 15:46:44 -0500
To: <Frederick.Hirsch@nokia.com>
Cc: cantor.2@osu.edu, public-xmlsec@w3.org
Message-ID: <OF3713FF6A.56857524-ON86257A33.00716293-86257A33.007225AE@us.ibm.com>

Unenthusiastic +1
It's not widely adopted, but SHA224 meets minimum 112-bit NIST criteria.
May be important to smaller form-factor environments, where saving 32 bits 
this year is viewed as more important than having a durable solution.
Same logic for RSA-SHA224.

Bruce A Rich
brich at-sign us dot ibm dot com

From:   <Frederick.Hirsch@nokia.com>
To:     <cantor.2@osu.edu>
Cc:     <Frederick.Hirsch@nokia.com>, <public-xmlsec@w3.org>
Date:   07/06/2012 11:45 AM
Subject:        Re: Possible missing algorithms?

Scott

You are correct;  RFC 4051 [1] has an algorithm identifier for 
ECDSA-SHA224 in section 2.3.6, suggesting the omission was an oversight:

      http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224

It is also listed in the XML Security Algorithms Cross-Reference [2].

Thus I suggest we agree it should be added to the XML Signature 1.1 draft.

HMAC with 224 is listed in RFC 4051 but not in XML Signature 1.1 or the 
XML Security Algorithms Cross-Reference. Since it is in RFC 4051 I propose 
it should be added to XML Signature 1.1 and the cross reference, for 
consistency with RFC 4051.

Neither RFC 4051 nor the "XML Security Algorithms Cross-Reference " have 
an algorithm identifier for  "RSA with SHA-224". It could be added for 
consistency, but the URL should be defined in RFC 4051 (but is not). It 
would be very confusing if it were not of the same form.

I'll ask Donald about that, as we also have the open question of what to 
do with ECDSA-RIPEMD and  ECDSA-WHIRLPOOL.

All : any objection to adding ECDSA-SHA224 and HMAC-SHA224 to XML 
Signature 1.1 (and to the cross reference for HMAC-SHA224)? Please +1 if 
ok with it.

Any other suggestions regarding RSA-SHA224? 

regards, Frederick

Frederick Hirsch
Nokia

[1] http://www.ietf.org/rfc/rfc4051.txt

[2] 
http://www.w3.org/2008/xmlsec/Drafts/xmlsec-algorithms/Overview.html#ECDSA

On Jul 5, 2012, at 2:18 PM, ext Cantor, Scott wrote:

> In the vein of that AES-192 oversight, what is the status of RSA and 
ECDSA with SHA224?
> 
> I inherited some code that does define a URI constant for RSAw/SHA224, 
but I don't see it anywhere, so I'm wondering if it was a bug.
> 
> I also noted though that RFC 4051 does define a constant for ECDSA w/ 
224, but it's not in the Sig 1.1 draft. Same goes for HMAC with 224 
actually.
> 
> And I do see the latter two in the alg cross reference, so I'm thinking 
bug in Sig 1.1?
> 
> -- Scott
> 
>

Received on Friday, 6 July 2012 20:48:45 UTC