[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ws-sx] Issue 014: Is the key agreement algorithm proposed inWS-Trust sound?
The key size can be set through the AlgorithmSuite assertion in SecurityPolicy. Jiandong Marc Goodner wrote: > Assigned issue number 014. > > Marc Goodner > Technical Diplomat > Microsoft Corporation > Tel: (425) 703-1903 > Blog: http://spaces.msn.com/members/mrgoodner/ > > -----Original Message----- > From: Prateek Mishra [mailto:prateek.mishra@oracle.com] > Sent: Tuesday, January 24, 2006 2:35 PM > To: ws-sx@lists.oasis-open.org > Subject: [ws-sx] New Issue: Is the key agreement algorithm proposed in > WS-Trust sound? > > Protocol: ws-trust > > > <>Artifact: spec > > > > Type: > > design > > > > Title: > > Is the key agreement algorithm proposed in WS-Trust sound? > > > > Description: > > <> Section 6.2.4 proposes the use of P_SHA-1 algorithm taken from rfc > 2246 (TLS 1.0) for implementing a key agreement protocol. > However, key agreement in rfc 2246 involves a somewhat different > construction which uses P_SHA-1 only as a sub-component. > > (1) Is there an analysis or other material available to support the use > of P_SHA-1 as proposed in WS-Trust? > > (2) P_SHA-1 is an iterative method that could theoretically generate > keying material of unbounded size. It would seem that there would > need to be some constraints on the sizes of Ent(req), Ent(resp) and the > computed key. For example, would Ent(req) and Ent(resp) be > required to be at least 160 bits? And, if so, what then would be the > recommended size of the computed key? > > > > > > Related issues: > > > > > Proposed Resolution: > > I dont have one. I am seeking further information from the editors of > the current specification draft. >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]