Re: [Anima-bootstrap] [Spasm] SHA1 usage in Anima-bootstrap voucher yang

Michael Richardson <> Fri, 03 March 2017 22:51 UTC

From: Michael Richardson <>
To: Russ Housley <>
Date: Fri, 03 Mar 2017 17:51:57 -0500
Cc: SPASM <>, anima-bootstrap <>

Russ Housley <> wrote:
    > I’m sure you know that there are three important properties for hash
    > functions.  They are:


    > In the system you describe, it seems that an attacker would need to
    > find a preimage.  For SHA-1, we do not know of a way to do that yet,
    > but the 160-bit hash value produced by SHA-1 is probably not big enough
    > to be considered safe in today's computing environment.

    > It seems very odd to be developing a new standard that is using a hash
    > function that was deprecated at the end of 2010 by NIST.

    > My personal recommendation would be to move from SHA-1 to SHA-256.

Yes, I agree completely.

What I'm asking for, is if there is a good, well-established container that
we can reference, that essentially gives us the agility to move from SHA1 to
SHA256, and to SHA3 if we have to.

Alternatively, for the use case involved, which is to refer to a certificate
by reference-to-CA + reference-to-DN, if there is some other construct that
would better do what we want, and *also* provide us with the agility we would

(Some ownership vouchers may sit in filing cabinets for a few decades in
a warehouse somewhere)

Michael Richardson <>, Sandelman Software Works
 -= IPv6 IoT consulting =-