On Fri, Mar 17, 2017 at 11:05:17AM -0700, Jon Callas wrote:
My preference is to use SHA-512. My rationale is:
* Fingerprints of keys don't have to be computed continuously. They
* can be computed ones and the result cached for a reasonably long
* period of time. For every argument about speed on small machines,
* there's an equal and opposite counter-argument about speed on
* large machines. I've pulled my hands back several times from
* saying more. I won't unless provoked. I think the better argument
* is that speed of computing a fingerprint doesn't matter.
* If we use SHA-512, we extend the length of time before we have to
* have this argument again.
Admittedly I was already leaning in favour of SHA-512, but this last
bit here pushed me over the line in spite of the issues affecting the
small machines faction.
Regards,
Ben
signature.asc
Description: PGP signature
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp