Re: AD review of draft-ietf-shim6-hba
Hi,
I have done all the changes, except the following, which I think I
need some help with...
On 09/09/2007, at 18:14, Jari Arkko wrote:
> Hm. I would rather use the same syntax to avoid breakage, but
> the random bits inside. I would suggest finding a suitable
> algorithm ID. It really does not matter what the values are,
> but you need to describe what the encoding is.
The HBA draft at this moment states that:
   In the
   case that the address being generated is an HBA-only address, a
   random nonce (encoded in DER as an ASN.1 structure of the type
   SubjectPublicKeyInfo) will have to be used as input instead of a
   valid public key.
According to RFC 3280:
   SubjectPublicKeyInfo  ::=  SEQUENCE  {
        algorithm            AlgorithmIdentifier,
        subjectPublicKey     BIT STRING  }
and
   AlgorithmIdentifier  ::=  SEQUENCE  {
        algorithm               OBJECT IDENTIFIER,
        parameters              ANY DEFINED BY algorithm OPTIONAL  }
AFAIU, the OIDs for the AlgorithmIdentifier are defined in RFC 3279 and
in particular for RSA:
   The OID rsaEncryption identifies RSA public keys.
      pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
                     rsadsi(113549) pkcs(1) 1 }
      rsaEncryption OBJECT IDENTIFIER ::=  { pkcs-1 1}
and
      RSAPublicKey ::= SEQUENCE {
         modulus            INTEGER,    -- n
         publicExponent     INTEGER  }  -- e
As I understand it, what you are requesting is to define a new
AlgorithmIdentifier value for this case, where the content of the key
would be a random number.
However, I could only find the values defined in RFC 3279. Is there
any registry where assigned values for AlgorithmIdentifier are stored?
(I mean in order to select one value that doesn't collide with other
used values and to assign it properly)
Thanks, marcelo
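
Added example, not part of the original message or of the HBA draft: a small Python DER encoder and decoder showing what a nonce carried inside a SubjectPublicKeyInfo looks like on the wire, and how a parser can tell it apart from a real key by the algorithm OID. The OID 2.999.1 is a placeholder under the 2.999 example arc and not an assigned value; the 16-byte nonce length and all function names are assumptions.

```python
import os

NONCE_ALG_OID = "2.999.1"  # placeholder under the 2.999 example arc, NOT an assigned value

def _tlv(tag, content):
    """One DER tag-length-value with a definite length (short or long form)."""
    n = len(content)
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    head = bytes([n]) if n < 0x80 else bytes([0x80 | len(size)]) + size
    return bytes([tag]) + head + content

def encode_oid(dotted):
    """DER OBJECT IDENTIFIER for a dotted string such as 1.2.840.113549.1.1.1."""
    arcs = [int(a) for a in dotted.split(".")]
    out = b""
    for sub in [40 * arcs[0] + arcs[1]] + arcs[2:]:  # first two arcs share one subidentifier
        chunk = [sub & 0x7F]
        while sub := sub >> 7:
            chunk.append(0x80 | (sub & 0x7F))        # base-128, high bit marks continuation
        out += bytes(reversed(chunk))
    return _tlv(0x06, out)

def encode_spki(oid, key_bytes):
    """SubjectPublicKeyInfo ::= SEQUENCE { AlgorithmIdentifier, BIT STRING }; parameters omitted."""
    algorithm = _tlv(0x30, encode_oid(oid))
    return _tlv(0x30, algorithm + _tlv(0x03, b"\x00" + key_bytes))  # leading 0x00: no unused bits

def _read(buf, pos, want):
    """Parse the TLV at buf[pos], requiring tag `want`; return (content, position after it)."""
    if pos + 2 > len(buf) or buf[pos] != want:
        raise ValueError("unexpected or missing DER element")
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return buf[pos:pos + length], pos + length

def decode_spki(der):
    """Return (algorithm OID as DER, key bytes) so the caller can branch on the OID."""
    body, end = _read(der, 0, 0x30)
    alg, pos = _read(body, 0, 0x30)
    oid, _ = _read(alg, 0, 0x06)
    bits, bits_end = _read(body, pos, 0x03)
    if end != len(der) or bits_end != len(body) or bits[:1] != b"\x00":
        raise ValueError("not a byte-aligned SubjectPublicKeyInfo")
    return _tlv(0x06, oid), bits[1:]

def hba_only_input(nonce=None):  # nonce in place of a public key; 16 bytes is an assumed size
    return encode_spki(NONCE_ALG_OID, os.urandom(16) if nonce is None else nonce)
```

A receiver would compare `decode_spki(der)[0]` with `encode_oid(NONCE_ALG_OID)` before attempting to parse the BIT STRING contents as an RSAPublicKey.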