[dane] Digest identifiers in -registry-acronyms-02

Richard Barnes <rlb@ipv.sx> Tue, 10 December 2013 21:29 UTC

Date: Tue, 10 Dec 2013 16:29:39 -0500
Message-ID: <CAL02cgSf03cNW6U89jQKrqXB9bQRRCYx+engEkR1ksi4RH6ysg@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: "dane@ietf.org" <dane@ietf.org>

(Sorry if this has already been raised, but...)

The digest identifiers in draft-ietf-dane-registry-acronyms-02 seem a
little silly, in that nobody else in the world really seems to care that
these are variants of SHA2.  The standard practice across many libraries is
to just use some variant of "SHA-XXX", where XXX=256,384,512.

OpenSSL: shaXXX
WebCrypto: SHA-XXX
BouncyCastle: SHAXXXDigest
CNG: BCRYPT_SHAXXX_ALGORITHM
PKCS#11: CKM_SHAXXX

So I would suggest we just change these to "SHA-256" and "SHA-512".

--Richard