[cabfpub] Question raised during CABF call today
Ryan Hurst
ryan.hurst at globalsign.com
Thu Dec 5 21:13:25 UTC 2013
+1
And I agree with all of Rob's other points on SHA2 and ECC compatibility
with OCSP.
Ryan
-----Original Message-----
From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On
Behalf Of Erwann Abalea
Sent: Friday, November 22, 2013 10:28 AM
To: public at cabforum.org
Subject: Re: [cabfpub] Question raised during CABF call today
+1
There's no security problem with it, it's only used to produce a constant
size identifier.
--
Erwann ABALEA
Le 22/11/2013 12:48, Rob Stradling a écrit :
> On 21/11/13 19:10, Geoff Keating wrote:
> <snip>
>> For OCSP, I don't believe we have any plans to change the algorithm
>> used to hash the issuer name and public key in the OCSP request. I'd
>> be interested in opinions as to whether this is necessary or desirable.
> Please keep using SHA-1 for the issuerNameHash and issuerKeyHash.
Forever!
>
_______________________________________________
Public mailing list
Public at cabforum.org
https://cabforum.org/mailman/listinfo/public
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4252 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20131205/f18e311e/attachment.p7s>
More information about the Public
mailing list