ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [openpgp] RSA-PSS and RSA-OAEP for v5

2021-02-28 13:47:35
from [Stephen Farrell] [Permanent Link] 

Hiya,

On 28/02/2021 19:26, brian m. carlson wrote:


I think it's very clear, based on a history of CVEs, that as practically
implemented, PKCS #1 padding is weak compared to PSS and OAEP.


FWIW, my impression is that that is not clear. Quite a few
people do have that position for sure, but equally, the views
expressed by e.g. Werner and Peter Gutmann also seem fairly
commonly held afaics.

(As chair) would it be worthwhile pushing this question off
for a while? It may become easier to handle later on - or
even if it's no easier later, it still might be better to
postpone the bun fight for a bit:-)

If pushing this to later made sense, I guess creating an
issue in gitlab would be the thing to do so's we don't lose
track of it. (Apologies if someone did that already, I didn't
go check just now.)

S.

Attachment: OpenPGP_0x5AB2FAF17B172BEA.asc
Description: application/pgp-keys

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [openpgp] OCB statement from Rogaway, brian m. carlson
Next by Date:  Re: [openpgp] RSA-PSS and RSA-OAEP for v5, brian m. carlson
Previous by Thread:  Re: [openpgp] RSA-PSS and RSA-OAEP for v5, brian m. carlson
Next by Thread:  Re: [openpgp] RSA-PSS and RSA-OAEP for v5, brian m. carlson
Indexes:  [Date] [Thread] [Top] [All Lists]