OpenSSL PKCS #7 supports AES & SHA-2 ?
Alex Alten
alex at alten.org
Sat Oct 7 01:28:52 EDT 2006
After reading PKCS #1 v2 more closely and SHA-2 is not even in the specs,
therefore OpenSSL PKCS #7 functions won't support SHA-2. This spec was
last updated in 1998.
PKCS Editor, is there a new update in progress by RSA Labs to incorporate
SHA-2 and AES?
Does OpenSSL implement PKCS #1 v2 or just v1.5? If the latter then not even
SHA-1 is supported.
PKCS editor, is there any timeline as to when PKCS #7 will then be updated
with references to official OIDs, etc., for specifying SHA-2 and AES?
Dr. Ron Rivest, are you going to publish new message-digest IETF RFCs for
SHA-1
and SHA-2? (So that they can be referenced by an updated PKCS #7.)
Mr. Russ Housley, can you weigh in with what happening in the IETF WG security
area? I know that Mr. Eric Rescorla is working on a new TLS v1.2
draft. Will this
be done/ratified soon? I assume OpenSSL will incorporate this soon thereafter?
This mess with the MD5 and SHA-1 hashes is really starting to becoming a
problem.
It's certainly impacting new development projects/products I'm involved
with using
SSL and PKI certificates. My customers are concerned about using MD5 and
SHA-1, and they don't want to keep paying for implementations repeatedly as
the
standards catch up to reality. Updating these various heavily used standards
quickly is quite important.
Sincerely (and thanks in advance for all of your replies),
- Alex
At 09:05 AM 10/6/2006 -0700, Alex Alten wrote:
>Does anyone know if the OpenSSL PKCS #7 functions support AES and SHA-2?
>(I assuming OpenSSL 0.9.7 or later.)
>
>Thanks,
>
>- Alex
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list