ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Last Call: draft-bryan-http-digest-algorithm-values-update (Additional Hash Algorithms for HTTP Instance Digests) to Informational RFC

2009-12-04 12:42:26
from [Eran Hammer-Lahav] [Permanent Link] 
I am supportive of updating *a* registry.

The OAuth working group has an open requirement for standard identifiers to 
describe hash/digest functions.

What is not clear to me is the relationship of this registry and:

http://www.iana.org/assignments/hash-function-text-names/

which seems to overlap.

I am not sure why we need both, and if we do (because they are protocol 
specific and required for interoperability), how should a new specification 
decide which to use or if a new registry is required. For example my uneducated 
reading of 4572 suggests it is not exactly the same use case as the previous 
RFCs using that registry.

In addition, using different tokens for the same algorithm across protocols 
seems like a bad idea (lower case, upper case, SHA vs sha-1).

And since both include MD5... arguments about appropriate hash algorithm to 
increase security fail.

EHL



-----Original Message-----
From: ietf-announce-bounces(_at_)ietf(_dot_)org [mailto:ietf-announce-
bounces(_at_)ietf(_dot_)org] On Behalf Of The IESG
Sent: Friday, December 04, 2009 6:44 AM
To: IETF-Announce
Subject: Last Call: draft-bryan-http-digest-algorithm-values-update
(Additional Hash Algorithms for HTTP Instance Digests) to Informational RFC

The IESG has received a request from an individual submitter to consider the
following document:

- 'Additional Hash Algorithms for HTTP Instance Digests '
   <draft-bryan-http-digest-algorithm-values-update-03.txt> as an
Informational RFC

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action.  Please send substantive comments to the
ietf(_at_)ietf(_dot_)org mailing lists by 2010-01-01. Exceptionally, comments 
may be
sent to iesg(_at_)ietf(_dot_)org instead. In either case, please retain the 
beginning of
the Subject line to allow automated sorting.

The file can be obtained via
http://www.ietf.org/internet-drafts/draft-bryan-http-digest-algorithm-
values-update-03.txt


IESG discussion can be tracked via
https://datatracker.ietf.org/public/pidtracker.cgi?command=view_id&dTag=
19094&rfc_flag=0

_______________________________________________
IETF-Announce mailing list
IETF-Announce(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-announce

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  sctp multihoming query, Sudhanva Mudigere Narayana Gowda
Next by Date:  Re: sctp multihoming query, Michael Tüxen
Previous by Thread:  sctp multihoming query, Sudhanva Mudigere Narayana Gowda
Next by Thread:  Re: Last Call: draft-bryan-http-digest-algorithm-values-update (Additional Hash Algorithms for HTTP Instance Digests) to Informational RFC, Anthony Bryan
Indexes:  [Date] [Thread] [Top] [All Lists]