ietf-openpgp
[Top] [All Lists]

Re: Suggested changes for DSA2, take 2

2006-03-26 10:44:55

David Shaw wrote:
Here is some revised suggested DSA2 language, taking Hal's comments
into account and adding some extra polish.  While I agree with his
suggestion to reorganize the signature sections, I'm reluctant to get
into that in this mail as I think that getting general consensus on
DSA2 language would be easier if the two weren't combined.  I'd be
happy to take it up separately though.

==================================

Section 5.2.2 (Version 3 Signature Packet Format) says:

    DSA signatures MUST use hashes with a size of 160 bits, to match q,
    the size of the group generated by the DSA key's generator value.
    The hash function result is treated as a 160 bit number and used
    directly in the DSA signature algorithm.

change to:

    DSA signatures MUST use hashes that are equal to or larger than

language nit: "equal in size to"

    the size of q, the group generated by the DSA key's generator
    value.  If the chosen hash is larger than the size of q, the hash
    result is truncated to fit by taking a number of leftmost bits
    equal to the number of bits in q.  This (possibly truncated) hash
    function result is treated as a number and used directly in the
    DSA signature algorithm.


-- 
http://www.apache-ssl.org/ben.html           http://www.links.org/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

<Prev in Thread] Current Thread [Next in Thread>