On Fri, Oct 02, 2009 at 06:14:47PM +0100, Alexey Melnikov wrote:
On Thu, Sep 24, 2009 at 2:22 AM, Ben Campbell <ben(_at_)estacado(_dot_)net>
wrote:
I'm no crypto expert, so please forgive me if this is silly--but isn't there
a movement to phase out sha-1? If so, should that be the default "must
implement" hash for a new mechanism?
My understanding is that use of SHA-1 under HMAC is still considered
reasonable.
The WG debated at length use of SHA-1 versa use of SHA-256, etc. and decided
to proceed with SHA-1, because it is more frequently implemented in libraries
and hardware.
This matter has come up elsewhere, such as in the KRB-WG. NIST has not
obsoleted the use of HMAC-SHA-1, though I don't have a reference handy
at the moment (but a quick search of the KRB-WG mailing list and, maybe,
the krbdev(_at_)mit(_dot_)edu list should yield one).
-- 1.2, last bullet:
What is the referent for "this"? Is there perhaps a missing word(s), or
maybe this paragraph belongs with the previous bullet?
The latter. (This == Hi())
Incidentally, Hi() should be shown as taking the iteration count as an
argument.
Nico
--
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf