Blake:
Is there something to be done for the CERT profile also?
The needed OIDs have already been published in RFC 4055:
sha224WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 14 }
sha256WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 11 }
sha384WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 12 }
sha512WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 13 }
I think it is just a matter of deciding which ones are MUST, SHOULD, and MAY.
I would advocate the use of MUST- and SHOULD+ as was done in the IPsec
WG. MUST- means that the algorithm is currently required for
interoperability, but it is likely to drop to a SHOULD whenever the
specification is updated. SHOULD+ means that the algorithm is likely to be
elevated to a MUST the next time around. I like this approach because it
tells product planners what to expect.
So, building on what Peter Gutmann suggested:
sha1WithRSAEncryption would be a MUST-
sha224WithRSAEncryption would be a MAY
sha256WithRSAEncryption would be a SHOULD+
sha384WithRSAEncryption would be a MAY
sha512WithRSAEncryption would be a MAY
Unfortunately, I do not have a similar recommendation for DSA. SHA-1 still
seems to be the only supported one-way hash function. I expect that to
change soon, but it has not happened yet.
Russ
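As an added example, not part of Russ's message: a small Python check that decodes the DER-encoded signature-algorithm OID found in a certificate's AlgorithmIdentifier and rates it against the MUST-/SHOULD+/MAY levels proposed above. It assumes the standard pkcs-1 prefix 1.2.840.113549.1.1 (RFC 4055) and arc 5 for sha1WithRSAEncryption (RFC 3279); the sample bytes are constructed here.

```python
# Added example, not from the original message. Decodes a DER OBJECT
# IDENTIFIER and maps it to the requirement levels proposed in the thread.
PKCS1 = "1.2.840.113549.1.1"  # pkcs-1 arc; assumed from RFC 4055, not on the page

# Name and proposed level per OID (sha1WithRSAEncryption is { pkcs-1 5 }).
PROFILE = {
    PKCS1 + ".5":  ("sha1WithRSAEncryption",   "MUST-"),
    PKCS1 + ".14": ("sha224WithRSAEncryption", "MAY"),
    PKCS1 + ".11": ("sha256WithRSAEncryption", "SHOULD+"),
    PKCS1 + ".12": ("sha384WithRSAEncryption", "MAY"),
    PKCS1 + ".13": ("sha512WithRSAEncryption", "MAY"),
}

def encode_oid(dotted):
    """Encode a dotted OID as a DER OBJECT IDENTIFIER TLV (short-form length)."""
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray()
    for arc in [arcs[0] * 40 + arcs[1]] + arcs[2:]:  # first two arcs are packed
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:  # base-128, high bit set on all but the last byte
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        body.extend(reversed(chunk))
    return bytes([0x06, len(body)]) + bytes(body)

def decode_oid(der):
    """Decode a DER OBJECT IDENTIFIER TLV to dotted form, rejecting malformed input."""
    if len(der) < 3 or der[0] != 0x06:
        raise ValueError("not an OBJECT IDENTIFIER")
    length = der[1]
    if length & 0x80 or len(der) != 2 + length:
        raise ValueError("bad OID length")
    body, arcs, value = der[2:], [], 0
    for i, b in enumerate(body):
        value = (value << 7) | (b & 0x7F)
        if b & 0x80:
            if i == len(body) - 1:
                raise ValueError("truncated base-128 arc")
            continue
        arcs.append(value)
        value = 0
    first = arcs[0]  # unpack 40*X + Y
    head = [first // 40, first % 40] if first < 80 else [2, first - 80]
    return ".".join(str(a) for a in head + arcs[1:])

def classify(der):
    """Return (dotted OID, algorithm name, proposed level) for a signature AlgorithmIdentifier OID."""
    oid = decode_oid(der)
    name, level = PROFILE.get(oid, ("unknown", "not in profile"))
    return oid, name, level

# Constructed sample: the DER OID for sha256WithRSAEncryption.
SAMPLE_SHA256_RSA = bytes.fromhex("06092a864886f70d01010b")
```

`classify(SAMPLE_SHA256_RSA)` yields the SHOULD+ entry; a certificate still signed with { pkcs-1 5 } is reported as MUST-, which is the signal a product planner would use to schedule the move away from SHA-1.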