Re: Compatibility between S/MIME v2 & v3 signatures
Gwangsoo Rhee <rhee@sookmyung.ac.kr> Tue, 04 June 2002 14:00 UTC
Received: from above.proper.com (mail.proper.com [208.184.76.45]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA28988 for <smime-archive@odin.ietf.org>; Tue, 4 Jun 2002 10:00:05 -0400 (EDT)
Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id g54DhsC18670 for ietf-smime-bks; Tue, 4 Jun 2002 06:43:54 -0700 (PDT)
Received: from sookmyung.ac.kr ([203.252.201.133]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g54Dhqg18665 for <ietf-smime@imc.org>; Tue, 4 Jun 2002 06:43:52 -0700 (PDT)
Received: from sookmyung.ac.kr (pc-rhee.sookmyung.ac.kr [203.252.195.65]) by cc.sookmyung.ac.kr (8.9.3/8.9.3) with ESMTP id WAA28259; Tue, 4 Jun 2002 22:39:06 +0900 (KST)
Message-ID: <3CFCC3BE.2D3925@sookmyung.ac.kr>
Date: Tue, 04 Jun 2002 22:42:22 +0900
From: Gwangsoo Rhee <rhee@sookmyung.ac.kr>
Reply-To: rhee@sookmyung.ac.kr
X-Mailer: Mozilla 4.72 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: "Housley, Russ" <rhousley@rsasecurity.com>
CC: ietf-smime@imc.org
Subject: Re: Compatibility between S/MIME v2 & v3 signatures
References: <5.1.0.14.2.20020604082808.03627df8@exna07.securitydynamics.com>
Content-Type: text/plain; charset="EUC-KR"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
Content-Transfer-Encoding: 7bit
Russ:
Thanks for your answer.
But, my question wasn't about the algorithm, but about
what is to be encrypted by the signature algorithm like RSA.
Does the RSA in S/MIME v3 (or RFC 2630) encrypt the DigestInfo
which includes the digestAlgorithm, too?
If so, why didn't RFC 2630 mention about it, or
why did RFC 2630 leave out the DigestInfo structure?
Thanks again.
"Housley, Russ" wrote:
> Gwangsoo:
>
> RFC 2315 only supports PKCS#1 v1.5 RSA signatures. RFC 2630 and rfc2630bis
> support any signature algorithm. So, the more correct backward
> compatibility statement is: RFC 2630 is backwards compatible with RFC 2315
> when PKCS#1 v1.5 RSA signatures are used.
>
> Russ
>
> At 10:08 AM 6/4/2002 +0900, Gwangsoo Rhee wrote:
>
> >Hello, everybody.
> >
> >Many documents including draft-ietf-smime-rfc2630bis-08.txt
> >claim that S/MIME v2 & v3 signatures are compatible, BUT:
> >
> >Sec. 9.4 of RFC 2315 (PKCS #7 v1.5) states about the signature
> >generation:
> >
> > The result of the
> > digest-encryption process is the encryption with the signer's private
> >
> > key of the BER encoding of a value of type DigestInfo:
> >
> > DigestInfo ::= SEQUENCE {
> > digestAlgorithm DigestAlgorithmIdentifier,
> > digest Digest }
> >
> >And sec. 5.5 of RFC 2630 (CMS) states:
> >
> > The input to the signature generation process includes the result of
> > the message digest calculation process and the signer's private key.
> >
> >This RFC has no mention of DigestInfo structure.
> >It seems to me that DigestAlgorithmIdentifier doesn't
> >contribute to the signature generation, and in that case
> >those two signatures cannot be compatible.
> >
> >Can anyone please point out where I got this wrong?
> >
> >Thanks.
> >
> >--
> >
> >---------------------------------------
> >Gwangsoo Rhee <rhee@sookmyung.ac.kr>
> >tel: +82-2-710-9429 fax: 710-9296
> >HP: 011-9691-9541
> >---------------------------------------
--
---------------------------------------
Gwangsoo Rhee <rhee@sookmyung.ac.kr>
tel: +82-2-710-9429 fax: 710-9296
HP: 011-9691-9541
---------------------------------------
- Compatibility between S/MIME v2 & v3 signatures Gwangsoo Rhee
- Re: Compatibility between S/MIME v2 & v3 signatur… Housley, Russ
- Re: Compatibility between S/MIME v2 & v3 signatur… Gwangsoo Rhee
- Re: Compatibility between S/MIME v2 & v3 signatur… Housley, Russ