View Issue Details

IDProjectCategoryView StatusLast Update
000320010000-007: ProfilesSpecpublic2016-03-15 15:07
ReporterRandy Armstrong Assigned ToKarl Deiretsbacher  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Product Version1.03 
Target Version1.03Fixed in Version1.03 
Summary0003200: Basic256 Profile does not allow 1024 bit keys
Description

The Basic256 profile adds a requirement for SHA-256 but also increases the key size to 2048. This could cause problems for embedded systems which don't have the processing power to handle 2048 keys.

Request that this profile be extended to allow 1024 bit keys.

(Source: UA Security WG)

TagsNo tags attached.
Commit Version
Fix Due Date

Activities

Karl Deiretsbacher

2015-11-10 17:51

developer   ~0006443

Last edited: 2015-11-11 11:37

2015-11-10: UA WG

Change
-> CertificateSignatureAlgorithm – Sha1
into
-> CertificateSignatureAlgorithm – Sha1 [deprecated] or Sha256 [recommended]

If a certificate or any certificate in the chain is not signed with a hash that is Sha1 or stronger then the certificate shall be rejected.

Both Sha1 and Sha256 shall be supported. However, it is recommended to use Sha256 since Sha1 is considered not secure anymore.

Karl Deiretsbacher

2015-11-11 11:37

developer   ~0006450

fixed in "OPC UA Part 7 - Profiles RC 1.03.21 Specification.docx"

Jim Luth

2016-03-15 15:07

administrator   ~0006790

Agreed to fixes already published in 1.03

Issue History

Date Modified Username Field Change
2015-11-01 16:03 Randy Armstrong New Issue
2015-11-10 17:51 Karl Deiretsbacher Note Added: 0006443
2015-11-10 17:51 Karl Deiretsbacher Assigned To => Karl Deiretsbacher
2015-11-10 17:51 Karl Deiretsbacher Status new => assigned
2015-11-10 19:32 Jim Luth Target Version => 1.03
2015-11-11 11:37 Karl Deiretsbacher Note Edited: 0006443
2015-11-11 11:37 Karl Deiretsbacher Note Added: 0006450
2015-11-11 11:37 Karl Deiretsbacher Status assigned => resolved
2015-11-11 11:37 Karl Deiretsbacher Fixed in Version => 1.03
2015-11-11 11:37 Karl Deiretsbacher Resolution open => fixed
2016-03-15 15:07 Jim Luth Note Added: 0006790
2016-03-15 15:07 Jim Luth Status resolved => closed