On Mon, May 4, 2009 at 8:15 PM, Daniel Kahn Gillmor
<dkg(_at_)fifthhorseman(_dot_)net> wrote:
> On 05/04/2009 02:39 PM, vedaal(_at_)hush(_dot_)com wrote:
>> MDC's ?
>> currently SHA-1
>> rfc-4880 p. 49 ff
>
> Ah, right. Jon Callas' remarks about the MDC from back in January might
> be relevant:
> http://lists.gnupg.org/pipermail/gnupg-devel/2009-May/024967.html
>
> I think his point stands that the MDC only cares about the one-wayness
> of the digest used in MDC -- there is no reliance on a
> collision-resistance property. So i'm not sure that this needs to
> change in a new draft, particularly if it could make the discussion more
> contentious.
>
> What do other folks think?

I think we need to address it; we may as well, plus also
during the IETF review of the draft of what would become
4880, we have to CONVINCE IETF that it was "OK" to use
SHA-1 here (when there were already concerns about it).

"SHA-1 baad, mm'ok?" :)
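As an added example (not part of the thread or of any OpenPGP implementation), the MDC construction from RFC 4880 section 5.14 that the posts refer to, in Python: SHA-1 over the random prefix, the plaintext and the two MDC header octets 0xD3 0x14, with the verifier recomputing it; the 16-octet block size and the prefix bytes are constructed values.

```python
"""Added example: RFC 4880 Modification Detection Code (section 5.14).

The MDC is a 20-octet SHA-1 digest over the decrypted contents of a
Symmetrically Encrypted Integrity Protected Data packet (prefix + plaintext)
plus the two MDC packet header octets. The receiver recomputes it after
decryption; a mismatch means the data was modified. Block size and prefix
values below are constructed for illustration, not taken from the thread.
"""
import hashlib
import hmac
import os
from typing import Optional

MDC_HEADER = b"\xd3\x14"   # packet tag 0xD3 (MDC), body length 0x14 = 20 octets
MDC_PACKET_LEN = len(MDC_HEADER) + hashlib.sha1().digest_size   # 22


def mdc_body(plaintext: bytes, block_size: int = 16,
             prefix: Optional[bytes] = None) -> bytes:
    """Return prefix || plaintext || MDC packet, i.e. the data that gets encrypted."""
    if prefix is None:
        prefix = os.urandom(block_size)          # random prefix, one cipher block
    if len(prefix) != block_size:
        raise ValueError("prefix must be exactly one block")
    prefix = prefix + prefix[-2:]                # RFC 4880: last two octets repeated
    hashed = prefix + plaintext + MDC_HEADER     # header octets are part of the hash
    return hashed + hashlib.sha1(hashed).digest()


def verify_mdc(body: bytes, block_size: int = 16) -> bool:
    """Recompute the MDC over a decrypted body and compare it in constant time."""
    if len(body) < block_size + 2 + MDC_PACKET_LEN:
        return False
    # Quick-check of the repeated prefix octets (a key-check, not the integrity check).
    if body[block_size:block_size + 2] != body[block_size - 2:block_size]:
        return False
    data, tag, digest = body[:-MDC_PACKET_LEN], body[-MDC_PACKET_LEN:-20], body[-20:]
    if tag != MDC_HEADER:
        return False
    return hmac.compare_digest(hashlib.sha1(data + tag).digest(), digest)


def plaintext_from_body(body: bytes, block_size: int = 16) -> bytes:
    """Strip the prefix and the MDC packet once verify_mdc() has passed."""
    return body[block_size + 2:-MDC_PACKET_LEN]


def tampered_copy(body: bytes, offset: int) -> bytes:
    """Flip one bit of the body at `offset`, as a modified ciphertext would decrypt to."""
    out = bytearray(body)
    out[offset] ^= 0x01
    return bytes(out)
```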