Re: [OAUTH-WG] Signature crypto
"Infinity Linden (Meadhbh Hamrick)" <infinity@lindenlab.com> Wed, 25 November 2009 14:19 UTC
Return-Path: <infinity@lindenlab.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 856C728C22C for <oauth@core3.amsl.com>; Wed, 25 Nov 2009 06:19:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.976
X-Spam-Level:
X-Spam-Status: No, score=-1.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lU8e96+TKTDq for <oauth@core3.amsl.com>; Wed, 25 Nov 2009 06:19:13 -0800 (PST)
Received: from mail-fx0-f213.google.com (mail-fx0-f213.google.com [209.85.220.213]) by core3.amsl.com (Postfix) with ESMTP id 161773A68AB for <oauth@ietf.org>; Wed, 25 Nov 2009 06:19:12 -0800 (PST)
Received: by fxm5 with SMTP id 5so7004507fxm.28 for <oauth@ietf.org>; Wed, 25 Nov 2009 06:19:03 -0800 (PST)
MIME-Version: 1.0
Received: by 10.239.181.11 with SMTP id k11mr769346hbg.203.1259158743539; Wed, 25 Nov 2009 06:19:03 -0800 (PST)
In-Reply-To: <4B0D3698.8070706@cs.tcd.ie>
References: <90C41DD21FB7C64BB94121FBBC2E72343785183009@P3PW5EX1MB01.EX1.SECURESERVER.NET> <4B0D3698.8070706@cs.tcd.ie>
From: "Infinity Linden (Meadhbh Hamrick)" <infinity@lindenlab.com>
Date: Wed, 25 Nov 2009 06:18:43 -0800
Message-ID: <3a880e2c0911250618w358579d9o38b5ad90cb9242af@mail.gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Content-Type: multipart/alternative; boundary="001485f87fb49fe000047932bddf"
Cc: "OAuth WG (oauth@ietf.org)" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Signature crypto
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Nov 2009 14:19:14 -0000
+1 to stephen's comment. when it comes to algorithm support and selection, i think the consensus that's emerged is we should require an algorithm that "looks good" at the moment the spec is being drafted, but allow the use of other optional algorithms. ("looks good" here means that there are no known successful attacks against the math of the algorithm and there's a general consensus amongst cryptographers that there won't be one in the next 20 years.) the rationale behind this may have to do with the experience some implementers had with MOSS / MIME Object Security Services (aka RFC1848.) MOSS was specified to address issues people had raised with PEM (Privacy Enhanced Mail). The problem with MOSS is that it was near infinitely flexible and you could create an implementation that strictly adhered to the specification, but was non-interoperable if you chose to support a different set of optional encipherment algorithms. so the concern here is that if you allow all hash algorithms to be optional, you'll find some outlier who wants to use HAVAL with Rabin Williams to generate signatures and will sell this solution into the marketplace, then go out of business. people who bought the solution won't think anything's wrong 'til they try to hook it up to someone else who's using a more traditional SHA256+RSA or ECDSA solution. a great wailing and gnashing of teeth will follow. but if we REQUIRE that everyone use SHA256 but allow other hash algorithms, then we won't have this problem. -cheers -meadhbh -- infinity linden (aka meadhbh hamrick) * it's pronounced "maeve" http://wiki.secondlife.com/wiki/User:Infinity_Linden On Wed, Nov 25, 2009 at 05:52, Stephen Farrell <stephen.farrell@cs.tcd.ie>wrote: > > > Eran Hammer-Lahav wrote: > > I think we have consensus that the spec should not mandate a particular > hash algorithm. This still leave the issue of assigning algorithms short > names for the purpose of negotiation and declaration. Is there a registry > available for such algorithms we can use or do we need to create a new one? > > Sorry to have missed out on the thread where that was discussed, but > it'd be odd for an IETF security spec to not mandate some algorithms > and quite likely to generate comments later in the process if there's > no well-defined way to ensure interop. Do we have that? > > Ta, > S. > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >
- [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Peter Saint-Andre
- Re: [OAUTH-WG] Signature crypto Stephen Farrell
- Re: [OAUTH-WG] Signature crypto Infinity Linden (Meadhbh Hamrick)
- Re: [OAUTH-WG] Signature crypto Hubert Le Van Gong
- Re: [OAUTH-WG] Signature crypto Vrancken Bart bv
- Re: [OAUTH-WG] Signature crypto Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Stephen Farrell
- Re: [OAUTH-WG] Signature crypto Stephen Farrell
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Infinity Linden (Meadhbh Hamrick)
- Re: [OAUTH-WG] Signature crypto John Kemp
- Re: [OAUTH-WG] Signature crypto Brian Eaton
- Re: [OAUTH-WG] Signature crypto Ben Laurie
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Manger, James H
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Brian Eaton
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Stephen Farrell
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Brian Eaton
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Paul C. Bryan
- Re: [OAUTH-WG] Signature crypto stephen.farrell
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Richard Barnes
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Richard L. Barnes