[Top] [All Lists]

RE: pkcs7-md5 and pkcs7-sha1 micalg values

1997-06-02 14:56:18
On Monday, June 02, 1997 2:46 PM, Keith Moore 
I propose that the micalg parameter for multipart/signed messages with
the "application/pkcs7-signature" protocol be defined as pkcs7-md5 and
pkcs7-sha1 for the MD5 and SHA-1 digest algorithms respectively.  I
further propose that any future digest algorithms that are supported for
S/MIME keep the "pkcs7-" prefix.

Why?  What technical purpose would be served by doing this?

Good point, and I just found out the answer myself.  I have been keeping
track of some of the other mailing lists, and this issue is being
debated this very moment on IETF-PGP-MIME at the IMC.  Ned Freed
summarized it this way (my apologies if the citation out of context is
inappropriate -- the whole message is on IETF-PGP-MIME):

Ned Freed said:

I note in passing that there is some confusion about the interpretation of
micalgs. The answer to this is simple: Micalgs names are pure names. You
assume anything from the name unless you recognize it in its entirety; it is
quite possible for a micalg name to include the string "md5" yet not use the
MD5 hash, and it is also possible for a micalg to not include the string
yet use MD5. The fact that micalg names appear to be composite is simply an
artefact of our attempts to make them humand-readable; it is nothing a
should rly on.

This statement by Ned is reinforced by PGP-MIME's use of "pgp-md5" (as
opposed to the "rsa-md5" of MOSS and currently used by S/MIME) which
seems to indicate that the identifiers are typically protocol-dependent,
and identify not just the hashing algorithm, but the semantics of its
use (that is, the data that is hashed, along with any optional
parameters that might be supplied to the hashing algorithm).