> On Feb 23, 2017, at 8:09 PM, Ryan Sleevi via Public <[email protected]>
> wrote:
>
>
>
> On Thu, Feb 23, 2017 at 7:54 PM, Phillip Hallam-Baker <[email protected]
> <mailto:[email protected]>> wrote:
>
> SHA-2 is a direct swap for SHA-3 however. All that is required is to define
> the necessary OIDs. And the CURDLE charter does not preclude SHA-3, it merely
> does not list them as current work items.
>
> If you believe it's "just OIDs", then why hasn't Comodo made any proposals,
> given http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html ?
> Were you simply unaware of the OID assignment? Or is your assertion that such
> an OID as "id-rsassa-pkcs1-v1_5-with-sha3-256" ( { sigAlgs 13 } ) is
> insufficient?
>
> I'm not sure how to interpret the rest of your reply, so I've omitted it, but
> I'm still curious about whether there are "any HSM vendors that CAs might use
> to ensure that their private keys are appropriately protected when generating
> these signatures?"
>
> Doesn't this seem key to understanding how such certificates might exist,
> with respect to key protection, which is necessary and critical for user
> agents and cryptographic libraries to feel confident that supporting such
> certificates does not introduce undue risk to their users?

Ryan,

I wasn’t aware that NIST had allocated identifiers for RSA using PKCS#1 v1.5
over SHA3 hashes. Given that this exists, that strikes out that issue.

There are a number of HSMs out there suitable for key protection for this case
already — almost every HSM I know about implements the CKM_RSA_PKCS mechanism
which allows signing arbitrary data. It doesn’t care if it is a SHA-1,
SHA-256, or SHA3-256 hash.

All that is preventing the use of id-rsassa-pkcs1-v1_5-with-sha3-256,
id-rsassa-pkcs1-v1_5-with-sha3-384, and id-rsassa-pkcs1-v1_5-with-sha3-512 is
(1) the BRs and (2) lack of implementation by browsers. When is Chrome planning
to support these algorithms?

Thanks,
Peter
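
An added example, not part of the original message: the hash-specific part of a PKCS#1 v1.5 signature is the DigestInfo the caller builds in software, which is why a token that only offers CKM_RSA_PKCS never needs to know which hash was used. The helper names are hypothetical, the hash OIDs are the NIST hashAlgs values, and NULL AlgorithmIdentifier parameters for SHA-3 are assumed to follow the SHA-2 convention.

```python
import hashlib

# NIST hashAlgs arc is 2.16.840.1.101.3.4.2; only the final arc differs per hash.
HASH_ARC = (2, 16, 840, 1, 101, 3, 4, 2)
HASH_OIDS = {"sha256": 1, "sha3_256": 8, "sha3_384": 9, "sha3_512": 10}

def tlv(tag, content):
    """DER tag-length-value with definite length."""
    n = len(content)
    if n < 0x80:
        length = bytes([n])
    else:
        body = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(body)]) + body
    return bytes([tag]) + length + content

def der_oid(arcs):
    """Encode an OBJECT IDENTIFIER (base-128 arcs, first two arcs merged)."""
    out = bytes([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out += bytes(reversed(chunk))
    return tlv(0x06, out)

def digest_info(hash_name, message):
    """DigestInfo ::= SEQUENCE { AlgorithmIdentifier, OCTET STRING digest }.
    These are the bytes handed to the token as CKM_RSA_PKCS input."""
    digest = hashlib.new(hash_name, message).digest()
    oid = der_oid(HASH_ARC + (HASH_OIDS[hash_name],))
    alg_id = tlv(0x30, oid + b"\x05\x00")  # NULL parameters (assumption for SHA-3)
    return tlv(0x30, alg_id + tlv(0x04, digest))

def emsa_pkcs1_v15(di, k):
    """Model of the type-1 padding the token applies for a k-byte modulus."""
    if len(di) > k - 11:
        raise ValueError("input too long for CKM_RSA_PKCS with this key size")
    return b"\x00\x01" + b"\xff" * (k - len(di) - 3) + b"\x00" + di

if __name__ == "__main__":
    msg = b"constructed sample TBSCertificate bytes"
    for name in ("sha256", "sha3_256"):
        di = digest_info(name, msg)
        print(name, len(di), di[:19].hex())
```

For 256-bit digests the SHA-256 and SHA3-256 DigestInfo values have the same length and differ only in the last OID byte and the digest itself; the RSA operation on the token is identical in both cases.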