Re: [Isms] fingerprint TCs and hash types

To: Wes Hardaker <wjhns1 at hardakers.net>
Subject: Re: [Isms] fingerprint TCs and hash types
From: Wes Hardaker <wjhns1 at hardakers.net>
Date: Fri, 11 Sep 2009 11:05:27 -0700
Cc: "isms at ietf.org" <isms at ietf.org>
Delivered-to: isms at core3.amsl.com
In-reply-to: <20090911165148.GD27905 at elstar.local> (Juergen Schoenwaelder's message of "Fri, 11 Sep 2009 18:51:48 +0200")
List-archive: <http://www.ietf.org/mail-archive/web/isms>
List-help: <mailto:isms-request@ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.ietf.org>
List-post: <mailto:isms@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=unsubscribe>
Organization: Sparta
References: <sdhbvamsp4.fsf at wjh.hardakers.net> <AC1CFD94F59A264488DC2BEC3E890DE508B7DECC at xmb-sjc-225.amer.cisco.com> <sdeiqel6sf.fsf at wjh.hardakers.net> <20090911045136.GA26629 at elstar.local> <sd8wglio8d.fsf at wjh.hardakers.net> <20090911165148.GD27905 at elstar.local>
User-agent: Gnus/5.110011 (No Gnus v0.11) XEmacs/21.4.22 (linux, no MULE)

>>>>> On Fri, 11 Sep 2009 18:51:48 +0200, Juergen Schoenwaelder <j.schoenwaelder at jacobs-university.de> said:

>> Another win, though, is that the prefixes are already standardized and
>> we don't need to do anything else.

JS> There are networks (such as 802.15.4/6LoWPAN) where DTLS might be a
JS> perfect fit since its session nature reduces per message overhead and
JS> the message size constraints are significant here.

True, but sort of off topic for the thread I think since it was about a
MIB object's contents?  I'm not saying it's not an interesting point (it
is!), I'm just trying to make sure we don't have a disconnect in the
conversation.
 
JS> It does seem inconsistent to be on the one hand happy with an IANA
JS> register for fingerprint names while you want unlimited number space
JS> extensibility with OIDs. I vote for a small integer, if needed
JS> partition the integer number space like we do for say security models.
JS> Or simply ship a string such as "sha-1". (BTW, does the relevant RFC
JS> specify how to create non-standard names, e.g. an "x-" escape?)  But
JS> in general, I think we do not necessarily need to provide more
JS> flexibility than the PKI specs provide.

I'm now a bit confused about where your technical opinion lies, since
you've been professing the positive and negative attributes of all the
possibilities.

Would you prefer:

1) a single ascii encoding with type prefix that matches the other PKIX RFC(s)
2) an integer (possibly partitioned) and a binary encoded value
3) an OID and a binary encoded value

I think all the points you've brought up are good ones.  I'm not sure
what side of the fence you ended up on.

-- 
Wes Hardaker
Cobham Analytic Solutions

Follow-Ups:
- Re: [Isms] fingerprint TCs and hash types
  - From: Juergen Schoenwaelder

References:
- [Isms] fingerprint TCs and hash types
  - From: Wes Hardaker
- Re: [Isms] fingerprint TCs and hash types
  - From: Joseph Salowey (jsalowey)
- Re: [Isms] fingerprint TCs and hash types
  - From: Wes Hardaker
- Re: [Isms] fingerprint TCs and hash types
  - From: Juergen Schoenwaelder
- Re: [Isms] fingerprint TCs and hash types
  - From: Wes Hardaker
- Re: [Isms] fingerprint TCs and hash types
  - From: Juergen Schoenwaelder

Prev by Date: Re: [Isms] fingerprint TCs and hash types
Next by Date: Re: [Isms] fingerprint TCs and hash types
Previous by thread: Re: [Isms] fingerprint TCs and hash types
Next by thread: Re: [Isms] fingerprint TCs and hash types
Index(es):
- Date
- Thread

Re: [Isms] fingerprint TCs and hash types

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.