ietf-openpgp

Re: [openpgp] v5 in the crypto-refresh draft

2021-06-05 06:21:32
Daniel Huigens <d.huigens=40protonmail(_dot_)com(_at_)dmarc(_dot_)ietf(_dot_)org> writes:

> As an alternative option, if the only goal is to fix SHA1 fingerprints,

The first thing to do when "fixing" SHA1 fingerprints, meaning breaking all
existing fingerprints on the planet, is to define what properties they need to
have.  I can't think of anything for which SHA-256 is OK but SHA-1 isn't, so
before arbitrarily throwing SHA-256 in there we'd need to define what's needed
for a fingerprint algorithm to see why -1 doesn't meet the requirements, and
whether -256 does.

To pre-empt the inevitable response, collision-resistance isn't a property
that I can see is needed, given that X.509 and S/MIME have been using static
text strings as IDs since before PGP existed without anyone finding
vulnerabilities with them.  A fingerprint algorithm is just a way of mapping a
key to a fixed-length identifier, for which almost anything will do.

Peter.


_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp