After reading PKCS #1 v2 more closely and SHA-2 is not even
in the specs,
therefore OpenSSL PKCS #7 functions won't support SHA-2.
This spec was
last updated in 1998.
PKCS Editor, is there a new update in progress by RSA Labs
to incorporate
SHA-2 and AES?
Does OpenSSL implement PKCS #1 v2 or just v1.5? If the
latter then not even
SHA-1 is supported.
PKCS editor, is there any timeline as to when PKCS #7 will
then be updated
with references to official OIDs, etc., for specifying SHA-2
and AES?
Dr. Ron Rivest, are you going to publish new message-digest
IETF RFCs for
SHA-1
and SHA-2? (So that they can be referenced by an updated
PKCS #7.)
Mr. Russ Housley, can you weigh in with what happening in
the IETF WG security
area? I know that Mr. Eric Rescorla is working on a new TLS
v1.2
draft. Will this
be done/ratified soon? I assume OpenSSL will incorporate
this soon thereafter?
This mess with the MD5 and SHA-1 hashes is really starting
to becoming a
problem.
It's certainly impacting new development projects/products
I'm involved
with using
SSL and PKI certificates. My customers are concerned about
using MD5 and
SHA-1, and they don't want to keep paying for
implementations repeatedly as
the
standards catch up to reality. Updating these various
heavily used standards
quickly is quite important.
Sincerely (and thanks in advance for all of your replies),
- Alex
At 09:05 AM 10/6/2006 -0700, Alex Alten wrote:
>Does anyone know if the OpenSSL PKCS #7 functions
support AES and SHA-2?
>(I assuming OpenSSL 0.9.7 or later.)
>
>Thanks,
>
>- Alex
------------------------------------------------------------
---------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography"
to majordomo metzdowd.com
|