Re: I-D ACTION:draft-ietf-smime-sha2-08.txt
- To: "Turner, Sean P." <turners@xxxxxxxx>
- Subject: Re: I-D ACTION:draft-ietf-smime-sha2-08.txt
- From: "Blake Ramsdell" <blaker@xxxxxxxxx>
- Date: Fri, 3 Oct 2008 19:04:39 -0700
- Cc: "Jim Schaad" <ietf@xxxxxxxxxxxxxxxxx>, ietf-smime@xxxxxxx
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=KYC+oqtyNC9AM58PAuAF816F+amkcpDpAcKbYyuObYE=; b=OAn/90aUvekIkYrU5RKx8PG8pdbC3E+pFQuIGi2HndnXB/gY+sDgqD60fWS0AJ3RR5 FJmxfkb0/wG7GBn2g1QzQ6OCljWwJP4K99gdKazIR6PjLDMPBbeGLdwcGSlV2bUtz6R7 RSAdNiMbs+9k8wOMo0ZAQiOxDlSwE1yY/J3Mg=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=YCxNf43JwPLlgfYICJWJbqXyw8p1Tya5ANCaexQWZvjxtzUBDSDEuk/QpIcAwSehWr ID/l5qVDBkvppBN9KArrjjIEFvK6/cziYA+JRxzKrzSkjt9WrfODHg9HbxSDoGp+TcZL 889Qy5YVonmpw7dpzUIqZSfqnQf3bCIUay8m0=
- In-reply-to: <>
- List-archive: <http://www.imc.org/ietf-smime/mail-archive/>
- List-id: <ietf-smime.imc.org>
- List-unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
- References: <20080926224507.788F23A6A18@xxxxxxxxxxxxxx> <> <>
- Sender: owner-ietf-smime@xxxxxxxxxxxx
On Fri, Oct 3, 2008 at 2:09 PM, Turner, Sean P. <turners@xxxxxxxx> wrote:
> 1. I was just following the conventions for SHA-1. I take it you're
> suggesting we should break with those conventions?
This is something we debated back in the DSA days. The bottom line is
that we were younger and dumber back in the 90's for
AlgorithmIdentifier, and now we know that the parameters are an
optional field. So the bottom line is that new algorithms should be
absent parameters instead of encoded as NULL.
From RFC 2633:
    2.2 SignatureAlgorithmIdentifier
    Sending and receiving agents MUST support id-dsa defined in [DSS].
    The algorithm parameters MUST be absent (not encoded as NULL).
So yeah, we're kind of jerks for carting around some of this NULL for
the older algorithms, but the rule of thumb is that "for any new
algorithms, the parameters are absent if there aren't any".
Blake
--
Blake Ramsdell | http://www.blakeramsdell.com