- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Wed, 15 Nov 2000 14:39:42 -0500
- To: <jimsch@nwlink.com>
- Cc: <xml-encryption@w3.org>, housley@spyrus.com
At 00:31 11/15/2000 -0800, Jim Schaad wrote: >As promised at the XML Encryption workshop, here is a description of the >different types of algorithms along with what I would recommend for the >different levels of support. Thanks! I agree with all of your recommendations, but I have a question on Key Transport. >Key Transport Algorithms: > >RSA-v1.5 - This is the standard RSA algorithm used in CMS today. It has >the benifit of being widely used and the downside that there is a known >attack againist it. > >RSA-OEAP - This is the revised RSA algorithm for doing key transport. The >same RSA public/private key pair can be used for both RSA-v1.5 and RSA-OEAP >so there is no need to choose just one of these variants. > >Recommendation: RSA-OEAP should be used with AES. RSA-v1.5 should be used >with TripleDES. I note this is not mandatory, which I think I'm please with but I wanted to chase the references and ended up getting confused. I found [1] for "RSAES-OA(?EP?) in CMS" and it refers to [2], but RFC2347 is actually TFTP Option Extension (Russ should switch the 3&4 to RFC2437 [3]). So: 1. What standard exactly is meant by RSA-OEAP? PKCS#1v2.0, it's CMS syntax, or would we have to come up with our own XML based version? 2. Why do you recommend RSA-v1.5 with TripleDES? [1] S/MIME Working Group R. Housley Internet Draft SPYRUS expires in six months June 2000 Use of the RSAES-OAEP Key Transport Algorithm in CMS http://www.ietf.org/internet-drafts/draft-ietf-smime-cms-rsaes-oaep-01.txt [2] PKCS#1v2.0 Kaliski, B. PKCS #1: RSA Encryption, Version 2.0. RFC 2347. October 1998. [3] http://www.ietf.org/rfc/rfc2437.txt __ Joseph Reagle Jr. W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/People/Reagle/
Received on Wednesday, 15 November 2000 14:40:12 UTC