Re: [OAUTH-WG] Signature crypto

"Manger, James H" <James.H.Manger@team.telstra.com> Fri, 27 November 2009 03:42 UTC

From: "Manger, James H" <James.H.Manger@team.telstra.com>
To: Eran Hammer-Lahav <eran@hueniverse.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Fri, 27 Nov 2009 14:42:35 +1100
Cc: "OAuth WG (oauth@ietf.org)" <oauth@ietf.org>

>> Sounds reasonable if all you need to negotiate are hash algorithm names.
>> Is that the case?

> Yes.

Not quite.
OAuth (at least the authentication part) mainly needs a MAC algorithm, not a hash algorithm.
HMAC is one popular MAC algorithm that is built from a hash algorithm.
However, there are other MAC algorithms — based on block ciphers for instance (e.g. CMAC-AES).
The hash registry http://www.iana.org/assignments/hash-function-text-names/ is not really going to help.

P.S. The body-signing OAuth extension is the one place that uses a hash (not a MAC) directly.

James Manger
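
Added example, not part of the original message: a sketch of the distinction drawn above, building HMAC by hand from a named hash (RFC 2104) and negotiating on MAC names rather than hash names. The registry keys (`hmac-sha1`, `hmac-sha256`, `cmac-aes`) and all function names are constructed for illustration and are not registered identifiers.

```python
import hashlib
import hmac


def hmac_from_hash(hash_name: str, key: bytes, msg: bytes) -> bytes:
    """RFC 2104 HMAC, built step by step from a named hash function."""
    block = hashlib.new(hash_name).block_size
    if len(key) > block:                      # over-long keys are hashed first
        key = hashlib.new(hash_name, key).digest()
    key = key.ljust(block, b"\x00")           # then zero-padded to the block size
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.new(hash_name, ipad + msg).digest()
    return hashlib.new(hash_name, opad + inner).digest()


# Constructed registry keyed by MAC algorithm name. A block-cipher MAC has no
# underlying hash, so a registry of hash names alone cannot identify it.
MAC_REGISTRY = {
    "hmac-sha1": {"hash": "sha1"},
    "hmac-sha256": {"hash": "sha256"},
    "cmac-aes": {"hash": None},
}


def negotiate(offered, supported):
    """Return the first offered MAC name the other side supports, else None."""
    return next((name for name in offered if name in supported), None)


def expressible_by_hash_name(mac_name: str) -> bool:
    """True only when the MAC is fully determined by naming a hash."""
    return MAC_REGISTRY[mac_name]["hash"] is not None


def compute_mac(mac_name: str, key: bytes, msg: bytes) -> bytes:
    hash_name = MAC_REGISTRY[mac_name]["hash"]
    if hash_name is None:
        # A cipher-based MAC needs a block cipher, which is outside this sketch.
        raise NotImplementedError(f"{mac_name} is not hash-based")
    return hmac_from_hash(hash_name, key, msg)


def verify(mac_name: str, key: bytes, msg: bytes, tag: bytes) -> bool:
    """Constant-time comparison of the expected and presented tags."""
    return hmac.compare_digest(compute_mac(mac_name, key, msg), tag)
```
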