Hallam-Baker, Phillip wrote:
Having discussed this issue with the cryptographers the clear consensus
there is that the announced weaknesses in SHA-1 almost certainly affect
SHA-256 and that we should be looking for hash functions designed on
different principles rather than promoting SHA-256 as a cure.
I concur. Last week I used the opportunity of the RSA conference to conduct
an informal survey with many of the world's best known cryptographers. They
have no evidence that SHA-256 is more than marginally better than SHA-1. The
consensus was that SHA-1 can still be used in the next few years, and that
when looking for a replacement we have to look beyond SHA-256.
Daniel
_______________________________________________
NOTE WELL: This list operates according to
http://dkim.org/ietf-list-rules.html