[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: public key algorithm naming

To: spki@c2.net
Subject: Re: public key algorithm naming
From: Marc Branchaud <marcnarc@xcert.com>
Date: Tue, 07 Apr 1998 10:17:49 -0700
In-Reply-To: Your message of "06 Apr 1998 16:03:16 PDT." <3ogyelfij.fsf@kmac.terisa.com>
Sender: owner-spki@c2.net

-----BEGIN PGP SIGNED MESSAGE-----

Content-Type: text/plain; charset=us-ascii


EKR <ekr@terisa.com> scrawled:
> 
> There's another quibble I have with all of this: PKCS-1 is both
> a message padding AND a format for RSA key encoding. But PKIX does
> NOT use the PKCS-1 RSA key encoding. Consequently, having a 
> key tagged as rsa-pkcs1 seems kind of confusing.
> 

I don't understand your point here.  PKIX Part 1, section 7.2.1 (RSA
Signature Algorithm) clearly says to use PKCS1 -- the algorithm IDs it
specifies for RSA signatures are PKCS IDs.  I'll admit that the same section
contains a description of a signature algorithm that is _not_ PKCS1, but I
suspect that's more an editing oversight than an intended deviation.

Anyway, for the record, I think it's better to just use rsa-pkcs1 and
dsa-sha1 (couldn't that just be "dss"?), but here's a little caveat: PKCS1
doesn't specifically talk about SHA1.  In fact, for RSA-with-SHA1, PKIX uses
a non-PKCS algorithm ID (instead it's one from the OSI Interoperability
Workshop).  There's no reason I can see that SHA1 can't be used in the PKCS1
style just like MD* are, and I'm 99.9% sure that's how its done in practice,
but it's not actually specified in PKCS1.

There may be more nuance here than can be captured by a simple identifier, 
if we want to leave out hash algorithms.

		Marc

+------------------------------------------------------------------------+
 Marc Branchaud                                  \/
 Chief PKI Architect                             /\CERT INTERNATIONAL INC.
 marcnarc@xcert.com        PKI References page:              www.xcert.com
 604-640-6227          www.xcert.com/~marcnarc/PKI/
+------------------------------------------------------------------------+
  PGP key fingerprint:  60 11 4B 9D 4E E5 2F 47  BD C5 C2 BF 26 DF 5A E1



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBNSpfvVrdFXNdDxPlAQERmQMAufA3zdrVSa93kxyGq1ewncGwr7q9X8eT
cEx7Slnou0PuMBM/yh3e3Pq4cl8i9+VMKu0BNn7k/vAllWeeJ2w9ZcqMwBv/kesa
CtzPu8oG93U4mEzp5sBI/pFH3Mq9xxdn
=7RA5
-----END PGP SIGNATURE-----

Follow-Ups:

Re: public key algorithm naming

From: Carl Ellison <cme@Cybercash.COM>

Re: public key algorithm naming

From: EKR <ekr@terisa.com>

References:

Re: public key algorithm naming

From: EKR <ekr@terisa.com>

Prev by Date: Re: public key algorithm naming
Next by Date: Re: public key algorithm naming
Prev by thread: Re: public key algorithm naming
Next by thread: Re: public key algorithm naming
Index(es):
- Main
- Thread