On 13/04/2015 18:32 pm, Phillip Hallam-Baker wrote:
Given the way fingerprints are used, there is an intense pressure to
use a single algorithm for everything. That is why I think that we
should pick either SHA-2-512 or SHA-3-512 and truncate as necessary.
If SHA-2-512, then I'm happy to truncate as necessary.
If SHA-3, it is a sponge function internally so it is designed to do the
"truncation" or rather "expansion" already and it'd be a shame not to
use that feature directly.
(as an aside, I think we should go with Keccak entirely as it'll be out
soon enough in NIST form as SHA-3, and it has substantial other benefits.)
iang
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp