Re: [jose] RSASSA-PSS signature

John Bradley <ve7jtb@ve7jtb.com> Tue, 12 March 2013 19:25 UTC

This has had a fair amount of discussion. While I think almost everyone would prefer PSS, many implementations are going to be in scripting languages where the underlying libraries only support PKCS1-v1_5.

We did a survey of platforms to evaluate if we could move to PSS and the result led us not to make PSS the MTI. I think that was reported out at the Atlanta IETF meeting.
Nat may be able to forward that to you, I don't have it handy.

If we were talking about starting from scratch and not building on existing platforms, likely the answer would have been different.

The algorithms are extensible so PSS can be added. The other consideration is that many of the people who care will be using ECDSA signatures anyway.

John B.

On 2013-03-12, at 2:52 PM, "Peck, Michael A" <mpeck@mitre.org> wrote:

> draft-ietf-jose-json-web-algorithms-08 includes RSASSA-PKCS1-v1_5 signatures but not RSASSA-PSS.
>  
> The Security Considerations states:
>    While Section 8 of RFC 3447 [RFC3447] explicitly calls for people not
>    to adopt RSASSA-PKCS1 for new applications and instead requests that
>    people transition to RSASSA-PSS, this specification does include
>    RSASSA-PKCS1, for interoperability reasons, because it commonly
>    implemented.
>  
> Shouldn’t RSASSA-PSS at least be included as an option?
> I’m also not sure if I fully understand the interoperability concerns.  JWS is a new specification, so it makes sense to me to use whatever algorithms are currently considered best practice, without need to worry about backwards compatibility?
>  
> Mike