On 5/5/09 15:20, Daniel Kahn Gillmor wrote:
On 05/05/2009 02:58 AM, Ian G wrote:
Simplify, simplify, simplify. One hash is good enough
for 99.99% of the users, and the rest should be implementing not
If it was updated today for IETF, it would say: always insist on the
right to variations in protocols, for future-proofing.
I've seen you express this sentiment before, Ian, and i can appreciate
where you're coming from. Variable ciphers and digests are messy,
difficult to get right, and alienating arcana to most users.
And, anything that slows users slows usage. Unusability is the killer,
not the number of bits in the algorithm.
don't understand what your concrete proposal is here.
Say OpenPGP had Just One Hash, and it was SHA-1 -- what would be the
best approach for us 0.01% of the users/implementors to take in response
to the news that SHA-1's collision-resistance was insufficient against
well-resourced organizations, and seems likely to get worse before SHA-3
Wait until SHA-3. Meanwhile, design how to use SHA-3 from 2012 to 2022.
The predictions of the end of the world are premature. Note that nobody
has stolen money through an MD5 as yet, and nobody has stolen money
because of an RSA-512, either. Nor, has 40 bit secret keys been
embarrassed as yet.
(All my humble opinion of course :)
The business problem here is that the crypto guys are far too far away
from the real business to realise that business leakages are around the
50-80% level. In such an environment, nobody much cares about the
difference between 99.99 and 99.999%.
How would we help facilitate the transition for the 99.99% of the users
to a safer hash? Or would we simply tell them "OpenPGP is done, go find
something else before the year is up if you want to maintain
I think it is best treated as a complete transition from packet types.
E.g., "It's time to create a complete new key. V5 is ready." With not
as much compatibility between the types as expected, but facilitated by
tools. Once per decade. A bit like the transition from 2.6 to 5.0 if
you recall. Again, what I believe, others think differently.