[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: changes proposal for nym-spec



On Thu, Aug 05, 2004 at 12:09:59PM +0200, Jean-Ren? Reinhard wrote:
> Hi,
> 
> I am currently writing a nymserver in python with Laurent. Some
> questions about the specs :
> 
> - section 2.1
> "Each message also has:
> 	A 32-byte message identifier"
> 
> everywhere else the message identifier is 20 bytes long

changed.

> 
> - section 4.3
> "The signature field is equal to the RSA-OAEP+ signature ..."
> 
> mixminion uses the RSA-OAEP signature. Is this signature unsafe in the
> context of the nymserver. Can the specs be changed from RSA-OAEP+ to
> RSA-OAEP?

changed.

> If it is not possible, do you know of any library implementing
> RSA-OAEP+? I have the impression that it is not in OpenSSL.

If I remember correctly, OAEP has weaknesses that turn out not to
matter with RSA; If I'm right, RSA-OAEP+ is pointless.  I wonder why I
wrote that.
 
> - section 4.3.7
> 
> "the AFTER field requests that only summaries newer than the message ID
> specified be returned."
> 
> Is it a good idea/is it necessary to specify a message ID older than
> everyone else? Z(20) for exemple?

done.

hth,
-- 
Nick Mathewson
(PGP key will change on 15Aug2004; see http://wangafu.net/key.txt)

Attachment: pgp00000.pgp
Description: PGP signature