On 01/03/2013 01:03 AM, ianG wrote:
> ...
> Now that SHA-3 is settled, it seems reasonable to clean out all of the
> SHA-1s.
> ...
> On another related point - have the MD numbers been allocated for SHA3
> in its various guises?

In the process of writing such a draft I noticed that the only place in
OpenPGP where SHA1 is used in a collision-resistance-sensitive way without
the possibility to change it is fingerprints. For this reason OpenPGP
fingerprints stand out because these are the data structures that
technically make (or soon will make) RFC 4880 non-compliant with
recognized standards. I would separate the issue of fingerprints
depending on known SHA1 weaknesses from any other task that can be
categorized as "OpenPGP V5".

Speaking of the Keccak in OpenPGP draft, I thought that it would be
important to gather the feeling about the path of fixing the
fingerprints. These issues are more dependent than it seems. For example, if
you have to use SHA-3-384 for fingerprints, it affects the decisions
about SHOULDs for hashes elsewhere.

I have this Keccak in OpenPGP draft written, waiting for the NIST to
publish SHA-3 and the OIDs assigned.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp