OpenSSL PKCS #7 supports AES & SHA-2 ?

Whyte, William WWhyte at ntru.com
Wed Oct 11 04:48:25 EDT 2006 

PKCS#7 has been superseded by the IETF's Cryptographic Message Syntax, CMS.
You should check within the S/MIME working group for updates.

William 

> -----Original Message-----
> From: owner-cryptography at metzdowd.com 
> [mailto:owner-cryptography at metzdowd.com] On Behalf Of Alex Alten
> Sent: Saturday, October 07, 2006 12:29 AM
> To: cryptography at metzdowd.com
> Cc: rivest at theory.lcs.mit.edu; rivest at mit.edu; 
> pkcs-editor at rsasecurity.com; housley at vigilsec.com; 
> ekr at networkresonance.com; mark at awe.com; rse at engelschall.com; 
> shenson at drh-consultancy.demon.co.uk; ben at algroup.co.uk
> Subject: Re: OpenSSL PKCS #7 supports AES & SHA-2 ?
> 
> After reading PKCS #1 v2 more closely and SHA-2 is not even 
> in the specs,
> therefore OpenSSL PKCS #7 functions won't support SHA-2.  
> This spec was
> last updated in 1998.
> 
> PKCS Editor, is there a new update in progress by RSA Labs to 
> incorporate
> SHA-2 and AES?
> 
> Does OpenSSL implement PKCS #1 v2 or just v1.5?  If the 
> latter then not even
> SHA-1 is supported.
> 
> PKCS editor, is there any timeline as to when PKCS #7 will 
> then be updated
> with references to official OIDs, etc., for specifying SHA-2 and AES?
> 
> Dr. Ron Rivest, are you going to publish new message-digest 
> IETF RFCs for 
> SHA-1
> and SHA-2?  (So that they can be referenced by an updated PKCS #7.)
> 
> Mr. Russ Housley, can you weigh in with what happening in the 
> IETF WG security
> area?  I know that Mr. Eric Rescorla is working on a new TLS v1.2 
> draft.  Will this
> be done/ratified soon?  I assume OpenSSL will incorporate 
> this soon thereafter?
> 
> This mess with the MD5 and SHA-1 hashes is really starting to 
> becoming a 
> problem.
> It's certainly impacting new development projects/products 
> I'm involved 
> with using
> SSL and PKI certificates.  My customers are concerned about 
> using MD5 and
> SHA-1, and they don't want to keep paying for implementations 
> repeatedly as 
> the
> standards catch up to reality.  Updating these various 
> heavily used standards
> quickly is quite important.
> 
> Sincerely (and thanks in advance for all of your replies),
> 
> - Alex
> 
> 
> At 09:05 AM 10/6/2006 -0700, Alex Alten wrote:
> >Does anyone know if the OpenSSL PKCS #7 functions support 
> AES and SHA-2?
> >(I assuming OpenSSL 0.9.7 or later.)
> >
> >Thanks,
> >
> >- Alex
> 
> 
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to 
> majordomo at metzdowd.com
> 

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list