Re: Algorithm Names - registry?

Wed, 30 Nov 2011 23:15:15 -0800 


On 11/30/2011 6:34 PM, Michael StJohns wrote:


By the way - why are CCM and GCM ciphers rather than cipher modes in the table? 
 They can be applied to any block cipher (i think with a specific block length).



Good grief.  I apparently didn't review the tech writers work on that 
one.  I'll get that fixed ASAP.  Good catch.



I'll look into the rest of the comments later, it's 11:30pm  :).  Thanks 
for the response.


Brad


Mike


At 08:20 PM 11/29/2011, Brad Wetmore wrote:

I'm just one person, but I'm completely open to discussing on security-dev 
potential names/values to add.  I do have strong hesitations about just opening 
it up to anyone to add something (i.e. a wiki), allowing them to reserve names 
with no discussion.  (I'm thinking what a mess it could be if there was no 
IETF-IANA.)

The JDK 7 edition is at:

http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html

The current doc does have most of the items you're suggesting, but maybe not as 
structured.  A reformatting might be helpful.

I would also hesitate including optional secondary names, as the point of a 
standard name is to settle on one name that can be used across implementations. 
 Having three possible aliases like for SHA1 (SHA-1, SHA1, SHA) just makes 
things confusing for end users.

Hadn't really thought about adding Javacard algids here.  I know outside Oracle 
this shouldn't matter, but they're a completely different group.

My $.02.

Brad




On 11/28/2011 10:30 AM, Michael StJohns wrote:

One of the items that seems terribly out of date is the "Standard Names" list.  
Also, sometimes its difficult to tell which algorithm - specifically - the name applies 
to.

I'm wondering if it isn't time to create something like a Wiki for name 
registration and - for example - let the folks building the various JCE 
providers add or propose names.  I mention this because I'm finding it tiresome 
looking through the BouncyCastle source code each time I need to find an 
algorithm name not on the list.

I would suggest as data elements:

Primary name, Optional secondary names; Object Identifier (if any); Applicable JCE class 
(e.g. Cipher, MessageDigest, etc), Primary standard (e.g. RFCXXXX, ISOXXXX - section yy, 
option zzz); Alternate standards (for example ECDSA is referenced in SECG, NIST, ANSI 
etc); clarifying comments (e.g. "Use IvAlgorithmParameter with this").


Continuing this thought - the Javacard algorithm identifiers could also be 
included in this table.

Mike

























					Reply via email to