Re: [TLS] Last Call: draft-ietf-tls-rfc4346-bis (The Transport

To: tls mailing list <tls at ietf.org>
Subject: Re: [TLS] Last Call: draft-ietf-tls-rfc4346-bis (The Transport
From: Uri Blumenthal <uri at ll.mit.edu>
Date: Thu, 6 Mar 2008 10:46:46 -0500
Delivered-to: ietfarch-tls-web-archive at core3.amsl.com
Delivered-to: tls at core3.amsl.com
In-reply-to: <47D00FB8.5000509 at pobox.com>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
References: <OF8E422CE6.0B879BB8-ON85257403.0040C27F-85257403.00418284 at certicom.com> <20080306123458.9B8CB169462 at kilo.rtfm.com> <47D00FB8.5000509 at pobox.com>
Sender: tls-bounces at ietf.org

No strong feelings. Just a reaction to an algorithm whose usefulnessis low now and will decrease further. Compare it to SHA512 whoseusefulness is expected to increase.

--
Regards,
Uri

On Mar 6, 2008, at 10:37 AM, Mike wrote:

Maybe it is a good idea to use this as market pressure to
keep CAs from doing stupid things, such as issuing X.509
certificates with SHA-224 instead of SHA-256 in the signature.

(I hope that NIST didn't come up with a braindead suggestion
to do so.)


The issue is whether we want TLS 1.2 to be as algorithm-agile as
possible, or try to impose artificial limitations to this agility
as "market pressure". I would support making this agile, instead
of trying to predict (or control) the future.


Regretfully, I agree with this....


There seem to be a lot of strong feelings against SHA-224.
I looked at the FIPS amendment which defines it, and it
doesn't appear to be such a horrible thing.  Can someone
explain how NIST got it so wrong?

Thanks,

Mike
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls

References:
- Re: [TLS] Last Call: draft-ietf-tls-rfc4346-bis (The Transport
  - From: Rob Dugal
- Re: [TLS] Last Call: draft-ietf-tls-rfc4346-bis (The Transport
  - From: Eric Rescorla
- Re: [TLS] Last Call: draft-ietf-tls-rfc4346-bis (The Transport
  - From: Mike

Prev by Date: Re: [TLS] Last Call: draft-ietf-tls-rfc4346-bis (The Transport
Next by Date: Re: [TLS] Last Call: draft-ietf-tls-rfc4346-bis (The Transport
Previous by thread: Re: [TLS] Last Call: draft-ietf-tls-rfc4346-bis (The Transport
Next by thread: Re: [TLS] Last Call: draft-ietf-tls-rfc4346-bis (The Transport
Index(es):
- Date
- Thread

Re: [TLS] Last Call: draft-ietf-tls-rfc4346-bis (The Transport

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.