Re: [Cfrg] Question from JOSE working group

"Jim Schaad" <ietf@augustcellars.com> Tue, 03 July 2012 17:45 UTC

From: Jim Schaad <ietf@augustcellars.com>
To: 'Russ Housley' <housley@vigilsec.com>, "'Richard L.Barnes'" <rbarnes@bbn.com>
Date: Tue, 03 Jul 2012 10:43:51 -0700
Cc: cfrg@irtf.org, jose@ietf.org
Subject: Re: [Cfrg] Question from JOSE working group

I would also note that when PKCS#7 was designed, the hash algorithm was
always protected independent of the presence of signed attributes. Either the
hash algorithm was in the signed attributes or it was in the RSA signature
block encoding. It was only with the introduction of other algorithms that
this was no longer true.

Jim


> -----Original Message-----
> From: cfrg-bounces@irtf.org [mailto:cfrg-bounces@irtf.org] On Behalf Of
> Russ Housley
> Sent: Tuesday, July 03, 2012 8:02 AM
> To: Richard L.Barnes
> Cc: cfrg@irtf.org; jose@ietf.org
> Subject: Re: [Cfrg] Question from JOSE working group
> 
> Richard:
> 
> > Actually, the inclusion of the hash algorithm under the signature is optional:
> > "
> >      signedAttrs is a collection of attributes that are signed.  The
> >      field is optional, but it MUST be present if the content type of
> >      the EncapsulatedContentInfo value being signed is not id-data.
> >      [...]  If the field is present, it MUST
> >      contain, at a minimum, the following two attributes:
> >
> >         ...
> >
> >         A message-digest attribute, having as its value the message
> >         digest of the content.  Section 11.2 defines the message-digest
> >         attribute.
> > "
> >
> > Since "id-data" means "no more ASN.1 structure", for JOSE, the content
> > type is effectively always "id-data".
> 
> In practice, there are other attributes that one wants signed, such as
> signing-time, so the algorithm identifier gets included.
> 
> Russ
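
The point in the message above about the hash algorithm living in the RSA signature block encoding, shown as an added example (not code from the thread or from any CMS/JOSE implementation): the PKCS#1 v1.5 block that RSA signs carries a DER DigestInfo naming the hash, so a verifier told a different algorithm out of band rejects the signature. The RSA operation itself is omitted; the function names and the sample payload are constructed for illustration, and the DigestInfo prefixes are the ones listed in RFC 8017 section 9.2.

```python
import hashlib

# DER DigestInfo prefixes (RFC 8017, section 9.2): AlgorithmIdentifier
# (hash OID + NULL parameters) followed by the OCTET STRING header.
DIGEST_INFO_PREFIX = {
    "sha1": bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
}

def emsa_pkcs1_v15(message: bytes, hash_name: str, em_len: int) -> bytes:
    """Build the block that the RSA private-key operation is applied to."""
    t = DIGEST_INFO_PREFIX[hash_name] + hashlib.new(hash_name, message).digest()
    if em_len < len(t) + 11:
        raise ValueError("modulus too short for this DigestInfo")
    return b"\x00\x01" + b"\xff" * (em_len - len(t) - 3) + b"\x00" + t

def hash_alg_in_block(em: bytes) -> str:
    """Recover the hash algorithm named inside a recovered signature block."""
    if em[:2] != b"\x00\x01":
        raise ValueError("bad block type")
    sep = em.index(b"\x00", 2)  # first zero byte after the 0xFF padding
    if sep < 10 or any(b != 0xFF for b in em[2:sep]):
        raise ValueError("bad padding")
    t = em[sep + 1:]
    for name, prefix in DIGEST_INFO_PREFIX.items():
        digest_len = hashlib.new(name).digest_size
        if t.startswith(prefix) and len(t) == len(prefix) + digest_len:
            return name
    raise ValueError("unknown DigestInfo")

def verify_block(em: bytes, message: bytes, claimed_hash: str) -> bool:
    """Verifier side: re-encode with the externally claimed hash and compare."""
    return em == emsa_pkcs1_v15(message, claimed_hash, len(em))

# Constructed sample: the block for a 2048-bit modulus (256 bytes).
SAMPLE = b"constructed sample payload"
EM = emsa_pkcs1_v15(SAMPLE, "sha256", 256)

if __name__ == "__main__":
    print(hash_alg_in_block(EM))             # algorithm bound under the signature
    print(verify_block(EM, SAMPLE, "sha1"))  # mismatched external label is rejected
```
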