IETF Logo Mail Archive

Re: [OAUTH-WG] Signature crypto

Breno <breno.demedeiros@gmail.com> Fri, 04 December 2009 19:20 UTC

Return-Path: <breno.demedeiros@gmail.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 182193A686C for <oauth@core3.amsl.com>; Fri, 4 Dec 2009 11:20:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.568
X-Spam-Level:
X-Spam-Status: No, score=-2.568 tagged_above=-999 required=5 tests=[AWL=0.030, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CgZFt8D1a1+f for <oauth@core3.amsl.com>; Fri, 4 Dec 2009 11:20:35 -0800 (PST)
Received: from mail-gx0-f228.google.com (mail-gx0-f228.google.com [209.85.217.228]) by core3.amsl.com (Postfix) with ESMTP id 1D47D3A67D8 for <oauth@ietf.org>; Fri, 4 Dec 2009 11:20:35 -0800 (PST)
Received: by gxk28 with SMTP id 28so2485034gxk.9 for <oauth@ietf.org>; Fri, 04 Dec 2009 11:20:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=RfVJYPW+qMPVOWcspMhJISoiZu1Bf9dpdCoP/BW/3l0=; b=S4gkQooSnhOc5eiYwFZbl/Bz5Yv8uZp5EtguOpRKYLZ9oaRLd+ly7+ltByIrs2sbjO gxJQVYf2veRoK/13nviWKhqk6unbceVPUsKieYT+EB4eQOckD1vtC1QLFe3wiT4N56f+ xFi24lQ+xyDhpCu2EMhCIny9rKxHylZUrjBf0=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=H45GKaY+F9yOd07tIZSOEi75W3vIZ/hWoqVwlOb900lvbJvJ+yzrY0gosOSlGytpAQ BahDg2SdR+Ybq+TtP8Uk5dZx+qY6CNit4YPKX1xJaX7pOjdcFAWmBNK7FVcQC0yUTTad eLyhSDo/NFChTpmMWU3qIniM8mtEj6A2kxwNQ=
MIME-Version: 1.0
Received: by 10.101.29.9 with SMTP id g9mr4562684anj.123.1259954421661; Fri, 04 Dec 2009 11:20:21 -0800 (PST)
In-Reply-To: <daf5b9570912041112h71c0644dm8c908478dbff2e9a@mail.gmail.com>
References: <90C41DD21FB7C64BB94121FBBC2E72343785183009@P3PW5EX1MB01.EX1.SECURESERVER.NET> <f98165700912041016k10366b88tb001f7700405083f@mail.gmail.com> <90C41DD21FB7C64BB94121FBBC2E72343785293683@P3PW5EX1MB01.EX1.SECURESERVER.NET> <f98165700912041023y3207d801r42f01c7a0c4352bb@mail.gmail.com> <90C41DD21FB7C64BB94121FBBC2E7234378529368A@P3PW5EX1MB01.EX1.SECURESERVER.NET> <daf5b9570912041037t199cc9d3rbd4d31d327f8988b@mail.gmail.com> <90C41DD21FB7C64BB94121FBBC2E7234378529369B@P3PW5EX1MB01.EX1.SECURESERVER.NET> <f98165700912041048s7f1f53bs27ec2b78f7f44c8b@mail.gmail.com> <90C41DD21FB7C64BB94121FBBC2E723437852936BC@P3PW5EX1MB01.EX1.SECURESERVER.NET> <daf5b9570912041112h71c0644dm8c908478dbff2e9a@mail.gmail.com>
Date: Fri, 04 Dec 2009 11:20:21 -0800
Message-ID: <f98165700912041120k2b13eed2l4b51f6b22e35824e@mail.gmail.com>
From: Breno <breno.demedeiros@gmail.com>
To: Brian Eaton <beaton@google.com>
Content-Type: multipart/alternative; boundary="001636b2b0cdbc83970479ebff99"
Cc: "OAuth WG (oauth@ietf.org)" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Signature crypto
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Dec 2009 19:20:36 -0000

There is no need to publish a new spec for a new MAC algorithm. MAC
algorithms typically go through certification (e.g., NIST) and have detailed
specs, including test vectors for interoperability.

For OAuth, if you want to explicitly support a new MAC algorithm you will
not need to change the transport and you just have to point to the
particular spec that defines the MAC algorithm.

On Fri, Dec 4, 2009 at 11:12 AM, Brian Eaton <beaton@google.com> wrote:

> On Fri, Dec 4, 2009 at 11:10 AM, Eran Hammer-Lahav <eran@hueniverse.com>
> wrote:
> > I am trying to avoid the need to publish a specification every time you
> want
> > to add a new MAC-based algorithm.
>
> People are going to end up needing to write new code every time they
> want to add a new MAC-based algorithm.
>
> Cheers,
> Brian
>



-- 
Breno de Medeiros

v2.23.0 | Report a Bug | By Email