This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/discussion/do/listPosts/projects.ggf-editor/discussion.cp_grid_certificate_profile.topc4126 at Thu, 03 Nov 2022 23:14:20 GMT SourceForge : Post
Home Projects Search
User Password Logins Disabled Help

Project Home
Tracker
Documents
Tasks
Source Code
Discussions
File Releases
Wiki
Project Admin
Project: Editor     Discussion > CP:Grid Certificate Profile >  A few minor issues > List of Posts
Forum Topic - A few minor issues: (1 Item)
View:  as 
 
Update
 
Blair Dillaway
10/08/2007 12:37 PM
post5912
A few minor issues
Overall I think this is a good document.  I have a few minor issues the authors may wish to consider

Section 2.2
While I understand that most of the deployed infrastructure still doesn’t support the SHA-2 family of hash functions, I
 am concerned about recommending only SHA-1 be used. This situation is likely to change very rapidly. You might add 
language to the effect that if the CA knows the targeted grid environment supports the SHA-2 family then its use if 
preferred.

Section 3.3.2
I would prefer this document recommend that  keyUsage = nonRepudiation NOT be used in any certificates. It has been 
debated endlessly and there is little consensus on how it should be interpreted.

Section 4.2
ECC-based signatures are starting to be used for x.509 certificates (driven by the US Govt Suit B algorithm requirements
 – see http://www.nsa.gov/ia/industry/crypto_suite_b.cfm).  This specification should acknowledge this transition, 
similar to the discussion of SHA-1 versus SHA-2 hash algorithms.

 
Return
 

The Open Grid Forum Contact Webmaster | Report a problem | GridForge Help
This is a static archive of the previous Open Grid Forum GridForge content management system saved from host forge.ogf.org file /sf/discussion/do/listPosts/projects.ggf-editor/discussion.cp_grid_certificate_profile.topc4126 at Thu, 03 Nov 2022 23:14:21 GMT