[IPP] 5100.11 "job-password-encryption-supported" - what SHA version does 'sha' keyword indicate?

[IPP] 5100.11 "job-password-encryption-supported" - what SHA version does 'sha' keyword indicate?

Ira McDonald blueroofmusic at gmail.com
Thu Jun 12 23:22:51 UTC 2014 

Hi,

Also note that SHA-1 has been DEPRECATED by NIST, IETF, and TCG standards.

It's a MUST NOT implement after sometime in 2015 in lots of new drafts,
including
some US NIAP Common Criteria Protection Profiles.

Printers need to catch up with current hash and encryption algorithms, if
they want
to get certified under CC protection profiles.

Cheers,
- Ira


Ira McDonald (Musician / Software Architect)
Co-Chair - TCG Trusted Mobility Solutions WG
Chair - Linux Foundation Open Printing WG
Secretary - IEEE-ISTO Printer Working Group
Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG
IETF Designated Expert - IPP & Printer MIB
Blue Roof Music / High North Inc
http://sites.google.com/site/blueroofmusic
http://sites.google.com/site/highnorthinc
mailto: blueroofmusic at gmail.com
Winter  579 Park Place  Saline, MI  48176  734-944-0094
Summer  PO Box 221  Grand Marais, MI 49839  906-494-2434



On Thu, Jun 12, 2014 at 7:17 PM, Ira McDonald <blueroofmusic at gmail.com>
wrote:

> Hi Daniel,
>
> You're conflating key length with the name of the base algorithm.
>
> There are three (totally distinct) NIST SHA algorithms:
> SHA-1
> SHA-2
> SHA-3 (Keccak)
>
> Note that SHA-3 is already being required in various new security standards
> (international and regional ones) and IETF wants to aggressively deploy it
> in new IETF protocols and architectures.
>
> Cheers,
> - Ira
>
>
> Ira McDonald (Musician / Software Architect)
> Co-Chair - TCG Trusted Mobility Solutions WG
> Chair - Linux Foundation Open Printing WG
> Secretary - IEEE-ISTO Printer Working Group
> Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG
> IETF Designated Expert - IPP & Printer MIB
> Blue Roof Music / High North Inc
> http://sites.google.com/site/blueroofmusic
> http://sites.google.com/site/highnorthinc
> mailto: blueroofmusic at gmail.com
> Winter  579 Park Place  Saline, MI  48176  734-944-0094
> Summer  PO Box 221  Grand Marais, MI 49839  906-494-2434
>
>
>
> On Thu, Jun 12, 2014 at 7:07 PM, Manchala, Daniel <
> Daniel.Manchala at xerox.com> wrote:
>
>>  Smith,
>>
>>
>>
>> Yes, we need additional keywords.
>>
>> sha-1 for the 160 bit digest SHA algorithm
>>
>> sha-256 for the 256 bit digest SHA-256 algorithm
>>
>> sha-512 likewise.
>>
>>
>>
>> Daniel.
>>
>>
>>
>>
>>
>> *From:* ipp-bounces at pwg.org [mailto:ipp-bounces at pwg.org] *On Behalf Of *Kennedy,
>> Smith (Wireless Architect)
>> *Sent:* Thursday, June 12, 2014 1:53 PM
>> *To:* <ipp at pwg.org>
>> *Subject:* [IPP] 5100.11 "job-password-encryption-supported" - what SHA
>> version does 'sha' keyword indicate?
>>
>>
>>
>> Greetings,
>>
>>
>>
>> PWG 5100.11 (JPS2) defines the “job-password-encryption-supported”
>> attribute.  One of the keywords defined in JPS2 is ’sha’.  Neither the
>> keyword nor the description is clear as to which SHA generation is being
>> used.  Is this SHA-0 or SHA-1?  Do we need to define additional keywords to
>> bring this up-to-date?
>>
>>
>>
>> Smith
>>
>> /**
>>     Smith Kennedy
>>     ATB Wireless Architect - PPS
>>     Hewlett-Packard Co.
>> */
>>
>>
>>
>> _______________________________________________
>> ipp mailing list
>> ipp at pwg.org
>> https://www.pwg.org/mailman/listinfo/ipp
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ipp/attachments/20140612/d0142850/attachment.html>

More information about the ipp mailing list