[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] Updated: (OFFICE-2354) support sha256 in part1 vs part 3
[ http://tools.oasis-open.org/issues/browse/OFFICE-2354?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Michael Brauer updated OFFICE-2354: ----------------------------------- Resolution: Add to 3.8.3 manifest:checksum-type - urn:oasis:names:tc:opendocument:xmlns:manifest:1.0#sha256-1k: SHA256 algorithm (see [RFC3174]) applied to first 1024 bytes of the compressed unencrypted file. Adapt the last paragraph of 3.8.3 to: Package producers that support encryption should use the urn:oasis:names:tc:opendocument:xmlns:manifest:1.0#sha256-1k algorithm. Package consumers that support encryption shall support the values SHA1/1K, urn:oasis:names:tc:opendocument:xmlns:manifest:1.0#sha1-1k and urn:oasis:names:tc:opendocument:xmlns:manifest:1.0#sha256-1k. Adapt the last paragraph of 3.8.6 to: Package producers that support encryption should use the http://www.w3.org/2000/09/xmldsig#sha256 alogorithm. Package consumers that support encryption shall support the values SHA1, http://www.w3.org/2000/09/xmldsig#sha1 and http://www.w3.org/2000/09/xmldsig#sha256. was:Mandate that all Consumers support both SHA1 and SHA256, and Producers should use SHA256 > support sha256 in part 1 vs part 3 > ---------------------------------- > > Key: OFFICE-2354 > URL: http://tools.oasis-open.org/issues/browse/OFFICE-2354 > Project: OASIS Open Document Format for Office Applications (OpenDocument) TC > Issue Type: Improvement > Components: Security > Affects Versions: ODF 1.2 Part 3 CD 1 > Reporter: Bart Hanssens > Assignee: Michael Brauer > Priority: Minor > Fix For: ODF 1.2 Part 2 CD 2 > > > Part 3, 3.8.3 manifest:checksum-type says > "Package consumers that support encryption shall support the values SHA1/1K and urn:oasis:names:tc:opendocument:xmlns:manifest:1.0#sha1" > "Package producers that support encryption shall support the value SHA1/1K" > Part 3, 3.8.6 manifest:start-key-generation-name states > "Package consumers that support encryption shall support the values SHA1 and http://www.w3.org/2000/09/xmldsig#sha1" > "Package producers that support encryption shall support the value SHA1" > On the other hand, Part 1, 19.700 table:protection-key-digest-algorithm states > "Consumers shall support SHA1, which is the default, and SHA256" > "Producers should use SHA256" > While I do realize that part 3 may be used outside the scope of ODF, it seems a bit odd that the spec as a whole more or less promotes SHA256 for a table protection key, SHA1 for start key generation and SHA1/1K for checksum-type (2-3 different algorithms for basically the same thing) -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]