[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-sx] Issue 20: Describe minimum acceptable lengths for P_SHA1 inputs
This is logged as issue 20. -----Original Message----- From: Prateek Mishra [mailto:prateek.mishra@oracle.com] Sent: Monday, February 06, 2006 2:30 PM To: ws-sx@lists.oasis-open.org Subject: [ws-sx] NEW ISSUE: Describe minimum acceptable lengths for P_SHA1 inputs Protocol: ws-trust <http://docs.oasis-open.org/ws-sx/ws-trust/yyyymm/ws-trust-wd-03.pdf> Artifact: spec Type: design Title: Describe minimum acceptable lengths for P_SHA1 inputs Description: Section 6.2.4 of WS-Trust describes the use of the P_SHA1 function to generate computed keys. It does not provide guidance on minimum size of entropy required for this function. My crypto 101 guess is that a minimum of 20 bytes is required for each parameter but I would like more informed guidance and have it included in the table. Is there any advantage to choosing longer strings for Ent(req) or Ent(res)? Related issues: Proposed Resolution:
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]