On Thu, 19 Jun 2008, Jon Callas wrote:
On the one hand, an OID is just a bit string. It's no worse than
UTF-8. Consider the way we do it to be ISO Latin1, and OIDs to be
Unicode. On the other hand, you're right.
Ick, yeah. On the other hand, UTF-8 stuff is generally considered an
attack vector; it's only recently that we've seen OID-based conditional
jump attacks, etc. Maybe I'm naive, but I expect people to be careful with
UTF-8; I don't necessarily expect them to be so careful with OIDs.
I don't see that an OID actually solves the problem. The problem is
that the bureaucracy of IANA needs to assign the bit string. It
doesn't matter if the bit string is an OID or one of our constants.
What I thought Werner meant was that we'd use whatever OIDs were assigned
*already* for a given curve; in his response, he mentioned that IANA would
be assigning them for use in OpenPGP. So then I ask "why not use OpenPGP
IDs for these?" If we have to deal with IANA, I don't see how OIDs are
better than anything else.
Make one up. Ditto for Camellia. Pick the obvious right number, and we
all agree we'll start using it. Then we tell IANA to assign that number.
That's easy enough. For WHIRLPOOL, I'm claiming ID 4 (unassigned in 4880,
previously reserved for Double-width SHA). Please let me know if you think
it should be something else.