RE: [Hash] BOF Goals

Robert Zuccherato <> Thu, 21 July 2005 14:05 UTC

Received: from localhost.localdomain ([] by with esmtp (Exim 4.32) id 1DvbgA-0000sy-EO; Thu, 21 Jul 2005 10:05:38 -0400
Received: from ([] by with esmtp (Exim 4.32) id 1Dvbg9-0000qn-5w for; Thu, 21 Jul 2005 10:05:37 -0400
Received: from (ietf-mx []) by (8.9.1a/8.9.1a) with ESMTP id KAA02385 for <>; Thu, 21 Jul 2005 10:05:35 -0400 (EDT)
Received: from ([]) by with smtp (Exim 4.43) id 1DvcAB-0001vT-Ed for; Thu, 21 Jul 2005 10:36:40 -0400
Received: (qmail 32241 invoked from network); 21 Jul 2005 14:05:11 -0000
Received: from by with EntrustECS-Server-7.3.1; 21 Jul 2005 14:05:11 -0000
Received: from unknown (HELO ( by with SMTP; 21 Jul 2005 14:05:11 -0000
Received: by with Internet Mail Service (5.5.2657.72) id <PHK73LAQ>; Thu, 21 Jul 2005 10:05:12 -0400
Message-ID: <>
From: Robert Zuccherato <>
To: "'Jon Callas'" <>, Paul Hoffman <>
Subject: RE: [Hash] BOF Goals
Date: Thu, 21 Jul 2005 10:05:12 -0400
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2657.72)
X-Spam-Score: 0.0 (/)
X-Scan-Signature: e8a67952aa972b528dd04570d58ad8fe
X-Mailman-Version: 2.1.5
Precedence: list
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
Content-Type: multipart/mixed; boundary="===============1695286684=="

I would have to agree with Jon's comments.  The two approaches suggested in
the charter (hash truncation and randomized hashes) may very well end up
being the final solutions that we decide on.  However, there are still too
many open questions regarding the security, efficiency and suitability of
these constructions.  Given that many (most?) applications can simply switch
to using RSA with SHA-256 and that we have to wait for NIST on DSA anyway, I
don't think that there is any need to rush into anything.  Clearly there is
important work to be done.  As Jon said though, that work should probably be
done in the IRTF rather than the IETF.

In any case, it would probably be prudent to wait until after the
Cryptographic Hash Workshop at NIST (October 31st-November 1st) before
deciding upon any charter.  It is not unreasonable to expect the results of
that workshop to be relevant to what gets discussed here.

	Robert Zuccherato.

Hash mailing list