Re: [Isms] fingerprint TCs and hash types

To: Wes Hardaker <wjhns1 at hardakers.net>
Subject: Re: [Isms] fingerprint TCs and hash types
From: Wes Hardaker <wjhns1 at hardakers.net>
Date: Fri, 11 Sep 2009 06:51:14 -0700
Cc: "isms at ietf.org" <isms at ietf.org>
Delivered-to: isms at core3.amsl.com
In-reply-to: <20090911045136.GA26629 at elstar.local> (Juergen Schoenwaelder's message of "Fri, 11 Sep 2009 06:51:36 +0200")
List-archive: <http://www.ietf.org/mail-archive/web/isms>
List-help: <mailto:isms-request@ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.ietf.org>
List-post: <mailto:isms@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=unsubscribe>
Organization: Sparta
References: <sdhbvamsp4.fsf at wjh.hardakers.net> <AC1CFD94F59A264488DC2BEC3E890DE508B7DECC at xmb-sjc-225.amer.cisco.com> <sdeiqel6sf.fsf at wjh.hardakers.net> <20090911045136.GA26629 at elstar.local>
User-agent: Gnus/5.110011 (No Gnus v0.11) XEmacs/21.4.22 (linux, no MULE)

>>>>> On Fri, 11 Sep 2009 06:51:36 +0200, Juergen Schoenwaelder <j.schoenwaelder at jacobs-university.de> said:

JS> In general, I like this format. The downside of course is its length
JS> compared to an OCTET STRING representation:

JS> sha-1	 20    65
JS> sha-256	 32   103
JS> sha-512	 64   199

Yep.  I thought about it.  But the upside of human readability and
string management might outweigh it.  Most management tools do deal with
hex <-> binary conversion fairly well, but this is still probably easier
in the end.

Another win, though, is that the prefixes are already standardized and
we don't need to do anything else.

JS> The second column shows the length of the hash and the third column
JS> the length of the fingerprint (including the label). With sha-512, we
JS> are still well below the common 255 octet boundary but the overhead is
JS> significant and even the sha-1 fingerprint easily allows to ship an
JS> additional varbind while still saving space.

If you're counting bytes in terms of bytes on the wire, you probably
need to include the type encoding as well for the second column that
holds the type which will be 2 OIDs in size length (adding in the length
for the column OID and the value OID).  However, the results will still
be small compared to the ascii encoding.

-- 
Wes Hardaker
Cobham Analytic Solutions

Follow-Ups:
- Re: [Isms] fingerprint TCs and hash types
  - From: Juergen Schoenwaelder

References:
- [Isms] fingerprint TCs and hash types
  - From: Wes Hardaker
- Re: [Isms] fingerprint TCs and hash types
  - From: Joseph Salowey (jsalowey)
- Re: [Isms] fingerprint TCs and hash types
  - From: Wes Hardaker
- Re: [Isms] fingerprint TCs and hash types
  - From: Juergen Schoenwaelder

Prev by Date: Re: [Isms] fingerprint TCs and hash types
Next by Date: Re: [Isms] fingerprint TCs and hash types
Previous by thread: Re: [Isms] fingerprint TCs and hash types
Next by thread: Re: [Isms] fingerprint TCs and hash types
Index(es):
- Date
- Thread

Re: [Isms] fingerprint TCs and hash types

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.