I think you've got it - with the key being that you support SHA-2/256 and RSA and thus SHA-1 is not required
-------------------------------------------------------------------------- Lionel B. Dyck (Contractor) Mainframe Systems Programmer Enterprise Infrastructure Support (Station 200) (005OP6.3.10) VA OI&T Service Delivery & Engineering -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of John Eells Sent: Tuesday, May 17, 2016 9:54 AM To: [email protected] Subject: Re: [EXTERNAL] Re: smp/e sha-2 support? So...suppose we were to do something like this*: - Added support for both SHA-2 (SHA-256) and 2048-bit RSA certificates.** - Put the package signing verification certificate where "anyone could get it" - Made the signing (certificate-based) check optional. - Continued to keep the integrity checking optional, whether based on SHA-2 or SHA-1. Would that meet the set of needs we've been talking about? * As usual, no promises. ** I think we have to keep the SHA-1 support because we create an incompatibility if we don't. Andrew Rowley wrote: > My further thoughts: > >> - Would a certificate-based signature do? >> - What requirements would you have for certificates? > The signature should use the same type of code signing certificates > used for other platforms. Any company delivering Windows software > almost certainly has a certificate already. There are various > implementations, e.g. Windows exe signing and Java jar signing. I'm > pretty sure z/OS can verify signatures on jars at least. Some thought > would have to go into how you attach a signature to a package and what you > attach it to. > >> - Would you want signature verification to be optional? > Yes. For SMP/E it should be the default, probably at RECEIVE time but > able to be bypassed e.g. RECEIVE... BYPASS(SIGCHECK) . > Non-SMP/E is handicapped by the absence of a standard delivery format. > If you had a tool to deliver a set of non SMP/E datasets, the > packaging format should have an option to include a signature - > perhaps with a warning when extracting if unsigned and/or an option to > force signature checking. It depends on how useful the product would > be inside a site - you don't want to force customers to get their own > certificate if they decide a tool would be useful internally. > >> - If signature verification were to be optional, would it be >> acceptable to use the SHA-1 hash for integrity checking if the >> recipient chose not to verify the signature? Or, would it still be >> necessary to use a different algorithm? > > I'm not sure how useful it is. How likely is it that something be > corrupted in a situation where you can get a hash to verify but can't > verify a signature? > >> - Anything else to think about? > Lots, I'm sure! It's probably worth also looking at the implementation > of signed SMF data to see how they do it. > > Andrew Rowley > > -- John Eells IBM Poughkeepsie [email protected] ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
