On 05/05/2009 02:58 AM, Ian G wrote:
> Simplify, simplify, simplify. One hash is good enough
> for 99.99% of the users, and the rest should be implementing not
> eulogising.
> [...]
> If it was updated today for IETF, it would say: always insist on the
> right to variations in protocols, for future-proofing.
I've seen you express this sentiment before, Ian, and I can appreciate
where you're coming from. Variable ciphers and digests are messy,
difficult to get right, and alienating arcana to most users. But I
don't understand what your concrete proposal is here.
Say OpenPGP had Just One Hash, and it was SHA-1 -- what would be the
best approach for us 0.01% of the users/implementors to take in response
to the news that SHA-1's collision-resistance was insufficient against
well-resourced organizations, and seems likely to get worse before SHA-3
is settled?
How would we help facilitate the transition for the 99.99% of the users
to a safer hash? Or would we simply tell them "OpenPGP is done, go find
something else before the year is up if you want to maintain
private/authenticated communications"?
Regards,
--dkg