On 16/04/2015 18:46 pm, Phillip Hallam-Baker wrote:
<Fingerprint-ID>
At the moment the consensus proposal seems to be that Fingerprint-ID
is a numeric code that has exactly two entries.
I don't know why we'd do both. I suppose it's because hashes are like
mountains and seeing them, we have to walk up them. If there are two,
we have to walk up and down twice...
I suggest:
96: SHA-2-512
144: SHA-3-512
In the unfortunate event that we allocate multiple hashes + numbers,
then I suggest we also allocate an X that is to be used for closed,
internal trials. This way, people are less likely to homestead spots
and then come to us with arguments about how they're using ABC and they
don't want people to change and bla bla.
These numbers are not completely random. While the codes themselves
don't matter, using 0x60 and 0x90 has the pleasing and convenient
effect that SHA-2-512 fingerprints will always start with the letter M
(for Merkle-Damgard) and SHA-3-512 fingerprints will always start with
the letter S (for Spongeworthy).
OK, cautious nod to the letters - although it would be pleasing if you
could point to a web calculator that could lay out the conversions for
those of us who've forgotten how to do hex-b32-ascii-dec in our head ;)
What is the extension strategy for when we've exhausted the 256
possibilities in a byte?
(Yes I realise you didn't specify a byte, but I guess that's part of the
question.)
We ourselves don't want more than a handful. But if we open up the
fingerprint standard to a wider audience, then austerity will be out the
window. What's our approach if the TLS group decides they want to add a
few hundred?
iang
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
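
Added example, not part of the original message or of any OpenPGP draft: a small calculator for the decimal / hex / base32 conversions asked about above, showing why IDs 96 (0x60) and 144 (0x90) give fingerprints that start with M and S. It assumes a layout the thread does not specify: a single Fingerprint-ID byte followed by the digest, encoded with the RFC 4648 base32 alphabet; the function names and sample input are hypothetical.

```python
import base64
import hashlib

# Assumed layout (not specified in the thread): one Fingerprint-ID byte
# followed by the digest, encoded with the RFC 4648 base32 alphabet.
ALGORITHMS = {
    96: hashlib.sha512,     # 0x60, SHA-2-512
    144: hashlib.sha3_512,  # 0x90, SHA-3-512
}


def fingerprint(fp_id: int, key_material: bytes) -> str:
    """Return base32(ID byte || digest) for one of the two proposed IDs."""
    digest = ALGORITHMS[fp_id](key_material).digest()
    # 1 + 64 bytes = 13 full 5-byte groups, so there is no '=' padding.
    return base64.b32encode(bytes([fp_id]) + digest).decode("ascii")


def leading_letter(fp_id: int) -> str:
    """First base32 character; it depends only on the top 5 bits of the ID."""
    return base64.b32encode(bytes([fp_id, 0, 0, 0, 0])).decode("ascii")[0]


def ids_sharing_letter(letter: str) -> list:
    """All one-byte IDs whose fingerprints would start with this letter."""
    return [i for i in range(256) if leading_letter(i) == letter]


def conversion_row(fp_id: int) -> str:
    """Decimal, hex, binary and leading base32 letter for an ID byte."""
    return f"{fp_id:3d}  0x{fp_id:02X}  {fp_id:08b}  {leading_letter(fp_id)}"


if __name__ == "__main__":
    sample = b"constructed sample key material"  # constructed input
    for fp_id in ALGORITHMS:
        print(conversion_row(fp_id), fingerprint(fp_id, sample)[:16] + "...")
    # Eight ID values share each leading letter, so a one-byte ID space
    # yields only 32 distinct first characters.
    print("IDs starting with M:", ids_sharing_letter("M"))
    print("IDs starting with S:", ids_sharing_letter("S"))
```
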