[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

*To*: spki@c2.net*Subject*: Re: public key algorithm naming*From*: "Angelos D. Keromytis" <angelos@dsl.cis.upenn.edu>*Date*: Thu, 12 Mar 1998 16:41:33 EST*Sender*: owner-spki@c2.net

-----BEGIN PGP SIGNED MESSAGE----- To: spki@c2.net Subject: Re: public key algorithm naming Date: 03/12/98, 16:41:29 > IMO, the hash algorithm you use to sign is as important a part of "you" > as your key parameters are. It serves to define you as much as anything, > in the digital world, where everything comes from signatures. Listing > your hash algorithm beside your key parameters gives it this important > meaning - since keys get signed as parts of certificates and are also > listed in ACLs. The way I see it, a signature from someone with your > same key parameters but using a different hash function is not you. But with digital signatures, it's the owner of a key who is going to sign. The hash algorithm name is used to tell someone else what they should use to verify that signature. Your argument would be valid for encryption keys, where along with your public key you specify the list of encryption algorithms that you're willing to accept -- but that's not what we're talking about here (I think :-) With signing keys, by placing a hash algorithm name in the key you're restricting yourself as to what parameters you'll use to sign. I find this unnecessary. - -Angelos -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface iQCVAwUBNQhWib0pBjh2h1kFAQHHawP/e+ybGoGwVV5KR+AarKrKT4SWe648mSmt +W9y24vkqwuDbKgxhdynoOso8oEO0iWpy98dui4BiVxqZOlvNHxwzdEZV7wYjCoi n/EjyURziELiLFJ5AnvU92oBuahBQ+FkXGqNmy7WeJA5GDwxqEWK5VtNyZC6WMWL mU8I/UqnN0U= =0RXc -----END PGP SIGNATURE-----

**Re: public key algorithm naming***From*: Carl Ellison <cme@cybercash.com>

- Prev by Date:
**Some comments on draft-ietf-spki-cert-theory-02.txt** - Next by Date:
**Re: public key algorithm naming** - Prev by thread:
**Re: public key algorithm naming** - Next by thread:
**Re: public key algorithm naming** - Index(es):