Re: Call for consensus: Re: Reviving RSA/SHA256
Edward Lewis <Ed.Lewis@neustar.biz> Wed, 26 September 2007 15:48 UTC
Return-path: <owner-namedroppers@ops.ietf.org>
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IaZ85-0007zc-Pp; Wed, 26 Sep 2007 11:48:49 -0400
Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IaZ7z-0005kt-KF; Wed, 26 Sep 2007 11:48:49 -0400
Received: from majordom by psg.com with local (Exim 4.67 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1IaYww-000OIZ-3g for namedroppers-data@psg.com; Wed, 26 Sep 2007 15:37:18 +0000
X-Spam-Checker-Version: SpamAssassin 3.2.1 (2007-05-02) on psg.com
X-Spam-Level:
X-Spam-Status: No, score=-1.6 required=5.0 tests=AWL,BAYES_00, MIME_QP_LONG_LINE,RDNS_NONE autolearn=no version=3.2.1
Received: from [66.92.146.160] (helo=ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.67 (FreeBSD)) (envelope-from <Ed.Lewis@neustar.biz>) id 1IaYws-000OIG-Vw for namedroppers@ops.ietf.org; Wed, 26 Sep 2007 15:37:16 +0000
Received: from [192.168.1.100] (hlid.ogud.com [66.92.146.160]) by ogud.com (8.13.1/8.13.1) with ESMTP id l8QFb8T2086110; Wed, 26 Sep 2007 11:37:09 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz)
Mime-Version: 1.0
Message-Id: <a0624081ec3202b4d7039@[192.168.1.100]>
In-Reply-To: <200709241402.l8OE2ECn069916@ogud.com>
References: <46E6E419.50301@NLnetLabs.nl> <200709111952.l8BJqX7G094742@ogud.com> <200709241402.l8OE2ECn069916@ogud.com>
Date: Wed, 26 Sep 2007 11:37:04 -0400
To: Ólafur Guðmundsson /DNSEXT chair <ogud@ogud.com>
From: Edward Lewis <Ed.Lewis@neustar.biz>
Subject: Re: Call for consensus: Re: Reviving RSA/SHA256
Cc: namedroppers@ops.ietf.org
Content-Type: text/plain; charset="iso-8859-1"; format="flowed"
Content-Transfer-Encoding: quoted-printable
X-Scanned-By: MIMEDefang 2.63 on 66.92.146.160
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-id: DNSEXT discussion <namedroppers.ops.ietf.org>
X-Spam-Score: -2.2 (--)
X-Scan-Signature: 5a9a1bd6c2d06a21d748b7d0070ddcb8
At 10:01 -0400 9/24/07, Ólafur Guðmundsson /DNSEXT chair wrote: >Dear Colleagues > >So far I have counted in support: >Jelte Jansen (ed.), Olaf Kolkman, Scott Rose, Roy Arends, John Dickinson. I think the work should be (re)written up. I looked at the retired draft and would suggest that in somewhere it suggest that if a validator is able to make the choice between hashes, it chooses the strongest one. (What if the strong fails and the weak fails? - discuss...) Given that the group is alleged to be moribund, this work could be just individual except for the face that the WG bounced this before it died. Not sure what the ethical answer is here - and what does it mean for the WG to now give it a go-ahead? >Mike StJohns wants to use this as an opportunity to rationalize >how new hashes are added to existing Signature Algorithms. >Mike also raises the issue of truncated SHA-256 hashes. I'd like to see that written up before passing judgement - the hundred flowers sense. >Other posters did not express support or argue against adopting >the work, are there others that have an opinion on the adoption of >this work please speak up before Oct 1'st 2007. From what I gather from crypto experts, crypto has a short half-life. There are going to be needs to update crypto stuff well into the future. So, do we keep a WG on life support for this? Or do we just say "go ahead and build, use the IANA registry to record the definitions" as the protocol "framework" is done? Is the right answer from the WG's grave to "go forth and multiply, tell IANA, we've taken care of all the other rules already?" Or does the WG have to process and stamp all of this? BTW, what's up with the RFC2929bis? -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-571-434-5468 NeuStar Think glocally. Act confused. -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: <http://ops.ietf.org/lists/namedroppers/>
- Re: Call for consensus: Re: Reviving RSA/SHA256 Paul Vixie
- Re: Call for consensus: Re: Reviving RSA/SHA256 Edward Lewis
- Re: Call for consensus: Re: Reviving RSA/SHA256 Edward Lewis
- Re: Call for consensus: Re: Reviving RSA/SHA256 Mark Andrews