Re: [dane] Digest identifiers in -registry-acronyms-02

Olafur Gudmundsson <ogud@ogud.com> Tue, 10 December 2013 21:34 UTC

On Dec 10, 2013, at 4:29 PM, Richard Barnes <rlb@ipv.sx> wrote:

> (Sorry if this has already been raised, but…)
> 
> The digest identifiers in draft-ietf-dane-registry-acronyms-02 seem a little silly, in that nobody else in the world really seems to care that these are variants of SHA2.  The standard practice across many libraries is to just use some variant of "SHA-XXX", where XXX=256,384,512.
> 

Richard, 

The first version had this, but a comment was made that we could have both SHA2 and SHA3 in a 512-bit variant, thus the recommendation
was to future-proof us.

> OpenSSL: shaXXX
> WebCrypto: SHA-XXX
> BouncyCastle: SHAXXXDigest
> CNG: BCRYPT_SHAXXX_ALGORITHM
> PKCS#11: CKM_SHAXXX
> 
> So I would suggest we just change these to "SHA-256" and "SHA-512".

Unless the chairs tell me to make the change, it will not be made;
feel free to bring this up in the IETF LC if you think this is important.

	Olafur

> 
> --Richard