Re: [jose] (REDO) POLL: RSA-OAEP/RSA-PSS default parameters

Wed, 29 Aug 2012 16:58:29 -0700 

> Should SHA1 (and mgf1SHA1) be the default parameters for these
> algorithms?

We don’t have "algorithm parameters" in JOSE – that is the subject of a 
separate POLL ("Support multiple types for algorithms"). JOSE currently has 
algorithm labels with no parameters.

Consequently this question is really asking one of the following:

Q1. Should RSA OAEP with SHA-1 be defined for use with JOSE? Perhaps 
additionally, should it be mandatory to implement?
The core of this question is whether SHA-1 is cryptographically-compromised 
enough that we shouldn't use it in new crypto specs, or is its 
widespread-availability more important than any crypto weakness?

Q2. Should the label "RSA-OAEP" be used for RSA OAEP with SHA-1?

My answer to Q2 is NO. The "RSA-OAEP" label is inconsistent with other JOSE alg 
names. JWA specifies "HS512", "RS512", "ES512", and "CS512" where the Sxxx 
suffix indicates a hash algorithm. RSA OAEP with SHA-1 could use "ROS1" or 
"ROS160".

--
James Manger

> -----Original Message-----
> From: [email protected] [mailto:[email protected]] On Behalf Of
> Karen O'Donoghue
> Sent: Thursday, 30 August 2012 7:30 AM
> To: [email protected]
> Subject: [jose] (REDO) POLL: RSA-OAEP/RSA-PSS default parameters
> 
> Folks,
> 
> Given the confusion around the original version of this poll, I'd like
> to try again.
> 
> The basic question is unchanged, the room count from Vancouver has been
> corrected, and a clarification regarding the status of SHA1 in the OAEP
> specification has been added.  For those of you who voted and feel you
> may have misunderstood the question or voted incorrectly, please feel
> free to update your answer.
> 
> Question:
> Should SHA1 (and mgf1SHA1) be the default parameters for these
> algorithms?
> Note:  These are the default parameters specified in RFC 3447, Section
> A.2.1, and are widely deployed.
> 
> Room vote:  5 yes, 0 no, 3 discuss
> 
> Thanks,
> Karen
> _______________________________________________
> jose mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/jose
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose

Reply via email to