Re: [COSE] Barry Leiba's Yes on draft-ietf-cose-hash-algs-04: (with COMMENT)

Barry Leiba <barryleiba@computer.org> Tue, 02 June 2020 20:11 UTC

Return-Path: <barryleiba@gmail.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF9D03A0FAA; Tue, 2 Jun 2020 13:11:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.401
X-Spam-Level:
X-Spam-Status: No, score=-1.401 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BEY7XM7hWd2M; Tue, 2 Jun 2020 13:11:00 -0700 (PDT)
Received: from mail-io1-f47.google.com (mail-io1-f47.google.com [209.85.166.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7759F3A0D83; Tue, 2 Jun 2020 13:11:00 -0700 (PDT)
Received: by mail-io1-f47.google.com with SMTP id m81so12232960ioa.1; Tue, 02 Jun 2020 13:11:00 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Iiq1XbO7AIIVONcek3lRCYEtWsFLLsUV4Vk03ocPR/E=; b=fW4Ii1ua5pOXNw3L6GOQfp6hx+TgL8/2tNi8h31ktF7mc5aBfC9+5QzLZRdcrmQbTX 8U8mlyUQiKNgLGnDCWU238XT+tL0BSdkYjJq+R2CqW4XgBdqM1oBDEZz/XGmbbN+sR3r VGPOWb9w4oX+fGIZAk5sxuVxDLnoMFPgC+QFk8lwkoqyZY+itZtpCWv2avfL4xsVlf3F SENJwg7327egPVKn3h3GL5Em+80HfX58H7PrRUffYGkx6tl9vg2vvHxzGoHbgOL/EBlT aAUwyp/c6aVC5JdgxXAhS+mOrhiubrVheAxIYzF51Pg5WoFNahSk5vlIPwwSk97i2WDQ SuSA==
X-Gm-Message-State: AOAM532f7OxLUV/XTcw7sJIEqI1BPvMNSG6mAlhMYYxDjxFXYqGoNWqD OLMRg/P/O1G6jaVWo/U/ediTgKDIeLyVj+EW+6V+3g==
X-Google-Smtp-Source: ABdhPJyml8dRT4IcoL+dHA7RnjnHX+RUMOk93yjn5VpEdtLG392fqiWkj77iVXDc7zknXP3UB6me/dG6Ts+I8Y2wgUU=
X-Received: by 2002:a02:cd89:: with SMTP id l9mr25783619jap.88.1591128659619; Tue, 02 Jun 2020 13:10:59 -0700 (PDT)
MIME-Version: 1.0
References: <159107239537.28693.16065000145824637198@ietfa.amsl.com> <006201d63912$5e7663e0$1b632ba0$@augustcellars.com>
In-Reply-To: <006201d63912$5e7663e0$1b632ba0$@augustcellars.com>
From: Barry Leiba <barryleiba@computer.org>
Date: Tue, 02 Jun 2020 16:10:48 -0400
Message-ID: <CALaySJLSch5eD5xSpNH2Su5KUvKxX509NtDpzKnYeoo7chq+TQ@mail.gmail.com>
To: Jim Schaad <ietf@augustcellars.com>
Cc: Ivaylo Petrov <ivaylo@ackl.io>, The IESG <iesg@ietf.org>, cose@ietf.org, cose-chairs@ietf.org, draft-ietf-cose-hash-algs@ietf.org
Content-Type: multipart/alternative; boundary="0000000000008c723b05a71f82b8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/OjZ1JkOxJVZmzPMkjgU4HCTSEFc>
Subject: Re: [COSE] Barry Leiba's Yes on draft-ietf-cose-hash-algs-04: (with COMMENT)
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Jun 2020 20:11:02 -0000

Thanks for the response, Jim, and your counter-suggestions all look good.
I appreciate your considering my comments.

On this:
> Might it be better to have the new column be called “cryptographic use”,
> with values of “yes” and “no”?  Hint: I think it would.  Hint#2: this is a
> non-blocking comment, so you might disagree.

[JLS] I did think about this, the issue is that I do not know what the
correct value would be to place in that column for "AES-GCM-128".  The
table has things which are not hash algorithms.

You couldn’t say “yes” to “cryptographic use” for AES-GCM-128?  Why would
“Recommend” “yes” be better?  I kind of feel (though not that strongly, so
I’ll let this be my last comment on it unless you want to continue to chat
about it) that “Recommend” is an odd column heading.  The name raises a
question for me about why the entry would be there if it’s not Recommended.

b