Re: [Isms] fingerprint TCs and hash types

To: "Wes Hardaker" <wjhns1 at hardakers.net>, <isms at ietf.org>
Subject: Re: [Isms] fingerprint TCs and hash types
From: "Joseph Salowey (jsalowey)" <jsalowey at cisco.com>
Date: Thu, 10 Sep 2009 15:22:36 -0700
Authentication-results: sj-dkim-1; header.From=jsalowey at cisco.com; dkim=pass ( sig from cisco.com/sjdkim1004 verified; );
Delivered-to: isms at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; l=2322; t=1252621358; x=1253485358; c=relaxed/simple; s=sjdkim1004; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jsalowey at cisco.com; z=From:=20=22Joseph=20Salowey=20(jsalowey)=22=20<jsalowey at ci sco.com> |Subject:=20RE=3A=20[Isms]=20fingerprint=20TCs=20and=20hash =20types |Sender:=20; bh=TbtzE66MGR5ym/nU5qRuFzvApIAK0wcOO4XWP+Crf+I=; b=BRKhHEc0hl6ngMxd5YvvREjg5mb3/F32VSywu1W6ArHD88l/ysBzQS0ICi xGya/LA0lXhSIC5++GbSiWesV8/PheYtN+z+rF2/gAGfNyXWwfPbF9wk3J69 8Z9vz4jYNm58ek9L8bYF9e9DQglJxH0elQ928kwAjzwnEuPXgAy/4=;
In-reply-to: <sdhbvamsp4.fsf at wjh.hardakers.net>
List-archive: <http://www.ietf.org/mail-archive/web/isms>
List-help: <mailto:isms-request@ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.ietf.org>
List-post: <mailto:isms@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=unsubscribe>
References: <sdhbvamsp4.fsf at wjh.hardakers.net>
Thread-index: AcoyWCuxxwCu+VOPT/GwjBcVtLsr/wABztrA
Thread-topic: [Isms] fingerprint TCs and hash types

 

> -----Original Message-----
> From: isms-bounces at ietf.org [mailto:isms-bounces at ietf.org] On 
> Behalf Of Wes Hardaker
> Sent: Thursday, September 10, 2009 1:49 PM
> To: isms at ietf.org
> Subject: [Isms] fingerprint TCs and hash types
> 
> 
> After doing research about what other fingerprinting / hash 
> textual conventions were out there, I found none.  Which 
> surprised me.  The end result was there was nothing to reuse, 
> so we do need to define our own.
> 
> The -00 version of the document defines 2 TCs for "fingerprints"
> (FingerprintType and FingerprintValue).  These are worded 
> generically so they can be reused elsewhere easily.
> 
>
>
> The biggest question, as I was defining the TCs, was what 
> type of data the FingerprintType should be.  Originally in 
> the personal versions of the draft, it was an integer.  But 
> it's highly likely that many other hashing algorithms will be 
> defined in the future, especially with the NIST hashing 
> algorithm "contest" going on right now.  So we certainly need 
> something with agility.  In the end, I changed the 
> FingerprintType to a OID instead.
> 
[Joe] I haven't had a chance to look at your document yet, but I guess
it depends on what you want specified in FingerprintType.  If you are
just looking for hashes there probably are already OIDs for this defined
for PKIX,PKCS,X509 etc.  In addition for Syslog TLS, RFC 5425, the
fingerprint support references the names for hash functions defined in
IANA registry "Hash Function Textual Names" allocated in RFC4572.  If
you are looking for something that is specifying hash and encoding then
I'm not sure there is anything formally defined.  It would be nice if
things lined up in some useful way with RFC 5425.  

> Note that in our MIBs at least, it's not being used as an 
> index so we don't have issues with the length restrictions it 
> would impose on MIB objects.  I could easily see other MIBs 
> wanting to put it in an INDEX though.
> 
> Feedback on these resulting TCs is greatly appreciated.
> 
> --
> Wes Hardaker
> Cobham Analytic Solutions
> _______________________________________________
> Isms mailing list
> Isms at ietf.org
> https://www.ietf.org/mailman/listinfo/isms
>

Follow-Ups:
- Re: [Isms] fingerprint TCs and hash types
  - From: Wes Hardaker
- Re: [Isms] fingerprint TCs and hash types
  - From: Juergen Schoenwaelder

References:
- [Isms] fingerprint TCs and hash types
  - From: Wes Hardaker

Prev by Date: Re: [Isms] fingerprint TCs and hash types
Next by Date: Re: [Isms] fingerprint TCs and hash types
Previous by thread: [Isms] fingerprint TCs and hash types
Next by thread: Re: [Isms] fingerprint TCs and hash types
Index(es):
- Date
- Thread

Re: [Isms] fingerprint TCs and hash types

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.