ietf-smime
[Top] [All Lists]

Re: I-D ACTION:draft-ietf-smime-escertid-00.txt

2006-03-30 08:35:48

Russ Housley <housley(_at_)vigilsec(_dot_)com> writes:

My preference is:

      ESSCertIDEx ::=  SEQUENCE {
           hashAlg                  AlgorithmIdentifier DEFAULT {id-sha256},
           certHash                 Hash,
           issuerSerial             IssuerSerial OPTIONAL
      }

I would rather see the algorithm identifier before the hash value.

Since a new OID is going to be assigned, it is not really important to me
whether the default is sha256 or sha1.  If implementors see a reason to go
with sha1, I can live with it.

Looking at Denis' backwards-compatibility issue, if you do want backwards-
compatibility you'd have to default to SHA-1 and not SHA-2.  For SHA-1 you'd
then get:

       ESSCertIDEx ::=  SEQUENCE {
            certHash                 Hash,
            issuerSerial             IssuerSerial OPTIONAL
       }

which is identical to the original ESSCertID since the 'DEFAULT sha1'
vanishes.  Since something that doesn't know about the -Ex form isn't going to
be able to handle either the AlgorithmIdentifier or the use of a hash other
than SHA-1, it doesn't really matter where the AlgorithmIdentifier goes,
because it'll choke on the non-SHA1 hash anyway whether the
AlgorithmIdentifier precedes or follows it.

(Of course since you're using a different OID to identify it, it could
probably be argued that you can stick an MPEG-of-cat in there as well without
causing any problems.  However, the backwards-compatible format means that you
don't need to special-case the two versions but can just treat the old one as
one particular instance of the new one, which simplifies implementation).

Peter.