On Fri, Sep 27, 2002 at 08:55:50AM -0400, David Shaw wrote:
Hello,
In 2440 and in all the 2440bis drafts, the TIGER/192 hash is not fully
usable as it has no OID. Werner Koch and I, with the cooperation of
TIGER's authors, recently arranged an OID for it:
1.3.6.1.4.1.11591.12.2
It would be good to put this in 2440bis so TIGER will be usable.
I agree. All we have left now is to get one for HAVAL-5-160.
I have a sneaking suspicion that this may raise the question whether
TIGER should be in the standard at all, as so long as it did not have
an OID, the question was moot. I have no strong feelings on this
point, but if we are not going to allow the use of TIGER, then perhaps
we should remove it from the standard altogether or explicitly
disallow its use as the current halfway state is confusing now that
there is an OID available.
I think that we should keep it in, although my opinion may be unpopular.
Few implementations allow the use of TIGER, and so those people who wish
to use it can use one of those implementations. It is useful for (gasp!)
Elgamal signatures, because it provides a larger hash algorithm and
therefore the hash algorithm is no longer the weakest link. (Please note
that TIGER is probably more widely implemented than SHA2, if I had to
guess.)
I think it would be the height of silliness to have an algorithm in
the standard and prohibit its use. In fact, it is like revoking your
signature on someone's key: it is a vote of no confidence, a statement
that it is worthless.
--
Brian M. Carlson <karlsson(_at_)hal-pc(_dot_)org> <http://decoy.wox.org/~bmc>
0x560553E7
To thine own self be true. (If not that, at least make some money.)
pgpn6njkVj3Iq.pgp
Description: PGP signature