On 08/30/2012 12:58 AM, Manger, James H wrote: > Consequently this question is really asking one of the following: > > Q1. Should RSA OAEP with SHA-1 be defined for use with JOSE? Perhaps > additionally, should it be mandatory to implement? > The core of this question is whether SHA-1 is cryptographically-compromised > enough that we shouldn't use it in new crypto specs, or is its > widespread-availability more important than any crypto weakness?
Just on this part. DKIM and DANE both decided to go with to sha256 as the mandatory to implement digest alg. I think that is a trend. I don't see why JOSE would be different in that respect. If JOSE do choose to stand out from the crowd and go with sha1 then I think you'll need to justify that explicitly and convincingly. S. _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
