[prev in list] [next in list] [prev in thread] [next in thread]
List: ipsec
Subject: Re: [IPsec] Last Call: <draft-kivinen-ipsecme-signature-auth-06.txt> (Signature Authentication in
From: Johannes Merkle <johannes.merkle () secunet ! com>
Date: 2014-07-25 9:39:00
Message-ID: 53D225B4.2030508 () secunet ! com
[Download RAW message or body]
Tero,
thanks for updating the document. However, I'm not sure the first issue is solved.
Tero Kivinen wrote on 20.07.2014 21:02:
> Changed to:
>
> With RSASSA-PSS, the algorithm object identifier must always
> be id-RSASSA-PSS, and the hash function and padding parameters
> are conveyed in the parameters (which are not optional in this
> case). See <xref target="RFC4055"/> for more information.
>
> In the RSASSA-PSS the parameters are required, but they can be empty,
> so they are not optional in this case.
>
Really? Section 3.1 of RFC 4055 states
When RSASSA-PSS is used in an AlgorithmIdentifier, the parameters
MUST employ the RSASSA-PSS-params syntax. The parameters may be
either absent or present when used as subject public key information.
My understanding of this is that the parameters can indeed be absent not just empty.
IMHO the semantic is different: If the parameters are empty (empty sequence in \
RSASSA-PSS-param), the default values apply, and according to Section 3.3, case 3, of \
RFC 4055, the parameters in a signature MUST be validated against the (default) \
parameters specified in SPKI. However, if the parameters are absent, then, according \
to Section 3.3, case 2, of RFC 4055, no parameter validation is needed in a signature \
validation, i.e. a signature may use any parameters.
Maybe, I misinterpret the spec here?
--
Johannes
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic