OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [ws-sx] Issue 20: Describe minimum acceptable lengths for P_SHA1 inputs

This is logged as issue 20.

-----Original Message-----
From: Prateek Mishra [mailto:prateek.mishra@oracle.com] 
Sent: Monday, February 06, 2006 2:30 PM
To: ws-sx@lists.oasis-open.org
Subject: [ws-sx] NEW ISSUE: Describe minimum acceptable lengths for
P_SHA1 inputs

Protocol:  ws-trust


<http://docs.oasis-open.org/ws-sx/ws-trust/yyyymm/ws-trust-wd-03.pdf>

 

Artifact:  spec

 

Type:

design

 

Title:

Describe minimum acceptable lengths for P_SHA1 inputs

 

Description:

Section 6.2.4 of WS-Trust describes the use of the P_SHA1 function to 
generate computed keys. It does
not provide guidance on minimum size of entropy required for this 
function. My crypto 101 guess is that
a minimum of 20 bytes is required for each parameter but I would like 
more informed guidance
and have it included in the table. Is there any advantage to choosing 
longer strings for Ent(req) or Ent(res)?

 

Related issues:


 

Proposed Resolution:

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]