CMS Interoperability Matrix Jim Schaad Soaring Hawk Security
Status for RFC 3369
Errata for ASN.1 module
Overall
– 101 MUST statements (63 of 101)
– Features (40 of 40)
Report document is started
Status for RFC 3369 (2)
Signed Data
– Unimplemented Signing Algs/Structs – 2
– Match digest & content-type – 2
Encrypted Data
– Version number – 4
– Unimplemented Algs & Recips – 4
– Key Usage – 2
Questions
RSA PSS and CMS Jim Schaad Soaring Hawk Security
Overview
PSS is a “new” signature algorithm for RSA key pairs
Parameters
– Digest Hash Algorithm (H1)
– Internal Hash Algorithm (H2)
– Internal Mask Generation Function (MGF)
  – MGF Hash Algorithm (H3)
– Salt Length (should be length of H2)
Requirements
H1 and H2 SHOULD be the same
H2 and H3 RECOMMENDED to be the same
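The sketch below is an added example, not material from the slides or their author: it shows where each of the listed parameters enters the EMSA-PSS encoding and why a verifier must know all of them. It assumes H1 hashes the content, H2 hashes the padded block M', and H3 drives MGF1; the PKCS #1 encoding itself uses a single hash for the first two roles, and the function names are hypothetical.

```python
import hashlib

def mgf1(seed: bytes, length: int, h3: str) -> bytes:
    """MGF1 mask generation driven by the MGF hash (H3)."""
    out = b""
    for counter in range(-(-length // hashlib.new(h3).digest_size)):
        out += hashlib.new(h3, seed + counter.to_bytes(4, "big")).digest()
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def pss_encode(msg, em_bits, h1, h2, h3, salt):
    """EMSA-PSS encoding with the three hash roles kept separate (assumption)."""
    em_len = -(-em_bits // 8)
    m_hash = hashlib.new(h1, msg).digest()                      # H1: digest of the content
    h = hashlib.new(h2, b"\x00" * 8 + m_hash + salt).digest()   # H2: hash of M'
    ps_len = em_len - len(salt) - len(h) - 2
    if ps_len < 0:
        raise ValueError("encoding error: key too small for these parameters")
    db = b"\x00" * ps_len + b"\x01" + salt
    masked = bytearray(xor(db, mgf1(h, len(db), h3)))           # H3: inside the MGF
    masked[0] &= 0xFF >> (8 * em_len - em_bits)                 # clear unused top bits
    return bytes(masked) + h + b"\xbc"

def pss_verify(msg, em, em_bits, h1, h2, h3, salt_len):
    """EMSA-PSS verification: fails if any parameter differs from the signer's."""
    em_len = -(-em_bits // 8)
    h_len = hashlib.new(h2).digest_size
    if len(em) != em_len or em_len < h_len + salt_len + 2 or em[-1] != 0xBC:
        return False
    masked, h = em[:em_len - h_len - 1], em[em_len - h_len - 1:-1]
    if masked[0] & ~(0xFF >> (8 * em_len - em_bits)) & 0xFF:
        return False
    db = bytearray(xor(masked, mgf1(h, len(masked), h3)))
    db[0] &= 0xFF >> (8 * em_len - em_bits)
    ps_len = em_len - h_len - salt_len - 2
    if db[:ps_len] != b"\x00" * ps_len or db[ps_len] != 0x01:
        return False
    m_hash = hashlib.new(h1, msg).digest()
    return hashlib.new(h2, b"\x00" * 8 + m_hash + db[ps_len + 1:]).digest() == h

if __name__ == "__main__":
    salt = bytes(32)  # constructed all-zero salt, length of H2 (SHA-256) output
    em = pss_encode(b"constructed sample content", 2047, "sha256", "sha256", "sha256", salt)
    print(pss_verify(b"constructed sample content", em, 2047, "sha256", "sha256", "sha256", 32))
    print(pss_verify(b"constructed sample content", em, 2047, "sha256", "sha256", "sha1", 32))
```

The encoded block would then go through the RSA private-key operation, which is omitted here; a real signer draws the salt from a CSPRNG.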
Open Issues
Should key identifier and signature identifier be the same OID
– Not the case for current RSA signatures
– Not the case for DSS signatures
– Is the case for RSA key encryption
– DSS is the only item with non-trivial ASN.1 structure
Open Issues (2)
PSS Parameter comparison
– Not needed for rsaEncryption identified keys
– Is saltLength comparison significant?
– More general issue for EC and RSA-OAEP
Questions