

Subject: [OASIS Issue Tracker] Updated: (OFFICE-2738) ODF 1.2 Part 3 section 4.8.12 manifest:salt guidance



     [ http://tools.oasis-open.org/issues/browse/OFFICE-2738?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dennis Hamilton updated OFFICE-2738:
------------------------------------

    Proposal: 
Replace the text of 4.8.12 manifest:salt with 

"""
The manifest:salt attribute carries the value of a cryptographically-random binary value.   The left-to-right sequence of octets that contain the bits of the value are represented in the attribute value using base64binary encoding.   There is no maximum length to the salt.

Note: The salt is introduced into key derivation procedures in order to discourage the discovery of the start key or the derived key developed by the key-derivation procedure.  The use of cryptographically random salts reduces the possibility of separate uses of the same start key leading to the same derived key.   A minimum 64-bit (8-octet) salt is recommended in [RFC2898].  The 128-bit (16-octet) default salt length (section 3.4.2) is simple to use with PBKDF2 when HMAC-SHA-1 is the pseudorandom function, PRF.   Internal characteristics of the key-derivation function can make increases in the length of the salt counter-productive at some point  (e.g., over 160 bits with SHA1).  See [RFC2898] for further considerations.
"""

  was:
Replace the text of 4.8.12 manifest:salt with 

"""
The manifest:salt attribute carries the value of a cryptographically-random binary value   The left-to-right sequence of octets that contain the bits of the value are represented in the attribute value using base64binary encoding.   There is no maximum length to the salt.

Note: The salt is introduced into key derivation procedures in order to discourage the discovery of the start key or the derived key developed by the key-derivation procedure.  The use of cryptographically random salts reduces the possibility of separate uses of the same start key leading to the same derived key.   A minimum 64-bit (8-octet) salt is recommended in [RFC2898].  The 128-bit (16-octet) default salt length (section 3.4.2) is simple to use with PBKDF2 when HMAC-SHA-1 is the pseudorandom function, PRF.   Internal characteristics of the key-derivation function can make increases in the length of the salt counter-productive at some point  (e.g., over 160 bits with SHA1).  See [RFC2898] for further considerations.
"""


> ODF 1.2 Part 3 section 4.8.12 manifest:salt guidance
> ----------------------------------------------------
>
>                 Key: OFFICE-2738
>                 URL: http://tools.oasis-open.org/issues/browse/OFFICE-2738
>             Project: OASIS Open Document Format for Office Applications (OpenDocument) TC
>          Issue Type: Bug
>         Environment: This clarification applies to ODF 1.0/1.1/IS 26300 and ODF 1.2 drafts.  The specific text is addressed to ODF 1.2 CD05 Part 3 and the section numbering there.
>            Reporter: Dennis Hamilton
>            Priority: Minor
>
> The 4.8.12 manifest:salt attribute specification provides no guidance on the generation of salt values by package producers.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
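
The salt guidance in the proposal above, sketched as an added example that is not part of the original message or of the ODF specification: a producer generates a 16-octet salt from the OS CSPRNG and encodes it for manifest:salt, a consumer decodes it and rejects values under the 8-octet minimum, and the same start key with two salts yields two different PBKDF2-HMAC-SHA-1 keys. The function names, the iteration count, the derived-key length and the sample start key are assumptions made for illustration.

```python
import base64
import binascii
import hashlib
import secrets

MIN_SALT_OCTETS = 8       # 64-bit minimum recommended in RFC 2898
DEFAULT_SALT_OCTETS = 16  # 128-bit default salt length cited in the note


def new_manifest_salt(n_octets=DEFAULT_SALT_OCTETS):
    """Return (raw salt, base64Binary text for the manifest:salt attribute)."""
    if n_octets < MIN_SALT_OCTETS:
        raise ValueError("salt shorter than the 8-octet recommended minimum")
    raw = secrets.token_bytes(n_octets)  # OS CSPRNG, never the random module
    return raw, base64.b64encode(raw).decode("ascii")


def parse_manifest_salt(attr_value):
    """Decode a manifest:salt value, rejecting bad encodings and short salts."""
    compact = "".join(attr_value.split())  # base64Binary permits whitespace
    try:
        raw = base64.b64decode(compact, validate=True)
    except (binascii.Error, ValueError) as exc:
        raise ValueError("manifest:salt is not valid base64Binary") from exc
    if len(raw) < MIN_SALT_OCTETS:
        raise ValueError("manifest:salt is shorter than 8 octets")
    return raw


def derive_key(start_key, salt, iterations=10_000, dklen=16):
    """PBKDF2 with HMAC-SHA-1 as the PRF; iterations and dklen are assumed."""
    return hashlib.pbkdf2_hmac("sha1", start_key, salt, iterations, dklen)


if __name__ == "__main__":
    start_key = b"constructed start key, for illustration only"
    salt_a, text_a = new_manifest_salt()
    salt_b, text_b = new_manifest_salt()
    print("manifest:salt A =", text_a)
    print("manifest:salt B =", text_b)
    # Same start key, different salts: the derived keys must not collide.
    key_a = derive_key(start_key, parse_manifest_salt(text_a))
    key_b = derive_key(start_key, parse_manifest_salt(text_b))
    print("derived keys differ:", key_a != key_b)
```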

        

