[lamps] Question on draft-ietf-lamps-cms-hash-sig
Jim Schaad <ietf@augustcellars.com> Thu, 14 March 2019 18:39 UTC
Return-Path: <ietf@augustcellars.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CFE60130EA9; Thu, 14 Mar 2019 11:39:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UwHPctyk6ds3; Thu, 14 Mar 2019 11:39:40 -0700 (PDT)
Received: from mail2.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EE0501277E5; Thu, 14 Mar 2019 11:39:36 -0700 (PDT)
Received: from Jude (192.168.1.152) by mail2.augustcellars.com (192.168.1.201) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Thu, 14 Mar 2019 11:39:29 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: draft-ietf-lamps-cms-hash-sig@ietf.org
CC: 'SPASM' <spasm@ietf.org>
Date: Thu, 14 Mar 2019 11:39:27 -0700
Message-ID: <00d701d4da95$425dc1d0$c7194570$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Content-Language: en-us
Thread-Index: AdTalFpsRD6NOLyJSie3veGv+fJZHg==
X-Originating-IP: [192.168.1.152]
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/Va372k0reOmsP2fxjTTXkrCdkHo>
Subject: [lamps] Question on draft-ietf-lamps-cms-hash-sig
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Mar 2019 18:39:42 -0000
I was tossing together some code to look at producing some samples and I ended up with a pair of questions: 1. If I have a hash signature tree which uses multiple different hash algorithms in it, which of those hash algorithms am I to placed in the digestAlgorithm field? For example, suppose that I am using an LMS type with a hash of SHAKE128 and an LMOTS type with a hash of SHA256. Or as a different example, suppose that I have a two deep tree and the top level uses SHA512 in both places but the next level down uses SHAH256 in both places? 2. If there are signed attributes present, then it t required that the body digest algorithm match that of the hash signature tree or can it be different. If it is different, is that not the value that should be placed in the digestAlgorithm field? Consider digesting the body with SHA512, but only using SHA256 in the hash function on the assumption that the random field in the signing operation provides a higher level of security and thus a weak attempt is being made to match them together. (I am sure that this is not the correct pairing for matching, just demonstrating a point.) Jim
- [lamps] Question on draft-ietf-lamps-cms-hash-sig Jim Schaad
- Re: [lamps] Question on draft-ietf-lamps-cms-hash… Daniel Van Geest
- Re: [lamps] Question on draft-ietf-lamps-cms-hash… Russ Housley
- Re: [lamps] Question on draft-ietf-lamps-cms-hash… Daniel Van Geest
- Re: [lamps] Question on draft-ietf-lamps-cms-hash… Jim Schaad
- Re: [lamps] Question on draft-ietf-lamps-cms-hash… Daniel Van Geest
- Re: [lamps] Question on draft-ietf-lamps-cms-hash… Scott Fluhrer (sfluhrer)
- Re: [lamps] Question on draft-ietf-lamps-cms-hash… Jim Schaad
- Re: [lamps] Question on draft-ietf-lamps-cms-hash… Scott Fluhrer (sfluhrer)
- Re: [lamps] Question on draft-ietf-lamps-cms-hash… Jim Schaad
- Re: [lamps] Question on draft-ietf-lamps-cms-hash… Jim Schaad