[Ndn-interest] SignatureSha256WithRsa, which RSA?
shijunxiao at email.arizona.edu
Wed Oct 2 08:53:17 PDT 2019
SignatureSha256WithRsa is the basic signature algorithm that MUST be
supported by any NDN-compliant software.
It defines an RSA public key signature that is calculated over SHA256 hash
of the Name, MetaInfo, Content, and SignatureInfo TLVs.
Looking over WebCrypto <https://diafygi.github.io/webcrypto-examples/>,
there are two variants of RSA suitable for signing:
Which RSA variant is being defined by SignatureSha256WithRsa?
(yes, I could try each with existing implementations, but the protocol is
supposed to define everything unambiguously)
Then, WebCryptoAPI Live Table
<https://diafygi.github.io/webcrypto-examples/> discourages new
applications from using either variant of RSA, and recommends using ECDSA
Also, the testbed root key
is SignatureSha256WithEcdsa since Dec 2017.
I think it's time to amend this statement:
SignatureSha256WithRsa MUST be supported by any NDN-compliant software.
My suggestion is:
- SignatureSha256WithEcdsa with P-256 curve is required.
- Other ECDSA curves are optional.
- Other signing algorithms such as SignatureSha256WithRsa are optional.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Ndn-interest