On Wed, Aug 09, 2017 at 11:02:47PM -0400, Robert J. Hansen wrote:
I am completely against even discussing this right now. IMO, our #1
item right now is getting SHA-1 removed from the spec as thoroughly as
humanly possible. The next is justifying the continued existence of the WG.
Everything else -- *everything else* -- is an afterthought.
Okay. Let me offer a fingerprint proposal, then: SHA-256. Basically,
identical to Werner's proposal, except with the full SHA-256. That
resolves all the issues over truncation. SHA-256 is mandatory to
implement.
Opinions or counterproposals?
--
brian m. carlson / brian with sandals: Houston, Texas, US
https://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: https://keybase.io/bk2204
signature.asc
Description: PGP signature
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp