There are currently a large number of items which are assuming that SHA1
will not ever be effectively broken. This is just another of those items.
If SHA1 ever does get broken then the algorithm here can be updated by
creating a new OID to define a new version of ESSCertID. The problem with
making it flexible is that you then need to start stating which algorithms
can and cannot be used, leading to the same problem of a new draft when SHA1
is broken anyway.
jim
-----Original Message-----
From: Francois Rousseau [mailto:f(_dot_)rousseau(_at_)adga(_dot_)ca]
Sent: Thursday, December 10, 1998 9:32 AM
To: ietf-smime(_at_)imc(_dot_)org
Cc: Jim Schaad (Exchange)
Subject: Comment on ESS-09
I am not sure if there is any plan to change this for version 10 of ESS or
whether it was/will be discussed in Orlando, but I just thought that the
identification of certificates in Section 5.4.1 for the Signing Certificate
Attribute Definition should be more flexible and not necessarily be bound
forever to SHA1. I, however, agree that SHA1 should be the default digest
algorithm at this point. Instead I suggest that it could read as follows:
ESSCertID ::= SEQUENCE {
    certHash        CertHash,
    issuerSerial    IssuerSerial OPTIONAL
}

CertHash ::= SEQUENCE {
    digestAlgorithm DigestAlgorithmIdentifier,
    digest          Digest
}

Digest ::= OCTET STRING  -- hash of entire certificate
Francois Rousseau
AEPOS Technologies
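As an added illustration that is not part of either message, here is Python code that encodes and checks the algorithm-agile CertHash Francois proposes above. The DER helpers, the SAMPLE_CERT bytes and the `allowed` policy set are constructed for this example (the digest OIDs are the standard SHA-1 and SHA-256 identifiers); the `allowed` set is exactly the list of permitted algorithms Jim says the flexible form then obliges a verifier to state.

```python
import hashlib, hmac
# Standard digest OIDs (SHA-1: RFC 3279; SHA-256: NIST) mapped to hashlib names.
OID_TO_HASH = {"1.3.14.3.2.26": "sha1", "2.16.840.1.101.3.4.2.1": "sha256"}
HASH_TO_OID = {name: oid for oid, name in OID_TO_HASH.items()}
# Constructed stand-in for DER certificate bytes (not a real certificate).
SAMPLE_CERT = b"\x30\x82\x01\x00" + b"example certificate body " * 8

def tlv(tag, body):  # DER TLV; short-form length suffices for CertHash
    assert len(body) < 0x80
    return bytes([tag, len(body)]) + body

def read_tlv(buf, off=0):  # one short-form DER element -> (tag, body, next off)
    tag, n = buf[off], buf[off + 1]
    assert n < 0x80, "long-form length not expected inside CertHash"
    return tag, buf[off + 2:off + 2 + n], off + 2 + n

def encode_oid(dotted):
    """Dotted OID string -> DER OBJECT IDENTIFIER content (base-128 arcs)."""
    arcs = [int(a) for a in dotted.split(".")]
    out = b""
    for arc in [40 * arcs[0] + arcs[1]] + arcs[2:]:
        chunk = [arc & 0x7F]
        while arc := arc >> 7:
            chunk.insert(0, 0x80 | (arc & 0x7F))
        out += bytes(chunk)
    return out

def decode_oid(body):
    """Inverse of encode_oid (first arc assumed to fit in one byte)."""
    arcs, cur = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        cur = (cur << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, cur = arcs + [cur], 0
    return ".".join(map(str, arcs))

def encode_cert_hash(cert_der, alg="sha256"):
    """CertHash ::= SEQUENCE { AlgorithmIdentifier, OCTET STRING digest }."""
    alg_id = tlv(0x30, tlv(0x06, encode_oid(HASH_TO_OID[alg])))
    return tlv(0x30, alg_id + tlv(0x04, hashlib.new(alg, cert_der).digest()))

def verify_cert_hash(cert_hash_der, cert_der, allowed=("sha256",)):
    """Digest name if CertHash matches cert_der and its algorithm is allowed, else None."""
    _, seq, _ = read_tlv(cert_hash_der)
    _, alg_id, off = read_tlv(seq)
    _, digest, _ = read_tlv(seq, off)
    alg = OID_TO_HASH.get(decode_oid(read_tlv(alg_id)[1]))
    if alg not in allowed:  # unknown OID (None) or refused by local policy
        return None
    ok = hmac.compare_digest(hashlib.new(alg, cert_der).digest(), digest)
    return alg if ok else None
```

Retiring SHA1 under this structure is a change to `allowed` on the verifier, not a new OID for ESSCertID.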