Re: [keyassure] Opening issue #21: "Need to specify which crypto algorithms and certificate types are mandatory to implement"

Jakob Schlyter <jakob@kirei.se> Sun, 06 March 2011 08:40 UTC

Mime-Version: 1.0 (Apple Message framework v1082)
Content-Type: text/plain; charset="us-ascii"
From: Jakob Schlyter <jakob@kirei.se>
In-Reply-To: <4D725DF4.5000806@vpnc.org>
Date: Sun, 06 Mar 2011 09:41:13 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <C2AE0FD2-086D-43AE-A6F5-43EB960E9FEE@kirei.se>
References: <9933A160-3DAF-42FA-B5FA-DDF185FA5C63@kumari.net> <7CDBED48-C800-4169-AF59-72075BA7EC2E@kumari.net> <AANLkTi=nKOHDajvY5Sd48p9kSbk5DUaLPFU_OE8f7Mck@mail.gmail.com> <8A18EE8A-EA0B-4AB5-A222-5D572458E9F1@kirei.se> <4D725DF4.5000806@vpnc.org>
To: Paul Hoffman <paul.hoffman@vpnc.org>
Cc: keyassure@ietf.org
Subject: Re: [keyassure] Opening issue #21: "Need to specify which crypto algorithms and certificate types are mandatory to implement"
Precedence: list

On 5 mar 2011, at 16.59, Paul Hoffman wrote:

> This is not an argument against SHA-512, but if we are going to make arguments for its use, let's make sensible ones. I don't think there are many sensible ones for anything other than SHA-1, so we can just pick what we want.

I agree and after some more thinking (and reading) about this I do believe we should settle for SHA-256 and SHA-384 as the initial set of, and mandatory to implement, digest algorithms for TLSA (just as Warren proposed).

	jakob

[keyassure] Opening issue #21: "Need to specify w… Warren Kumari
Re: [keyassure] Opening issue #21: "Need to speci… Phillip Hallam-Baker
Re: [keyassure] Opening issue #21: "Need to speci… Paul Hoffman
Re: [keyassure] Opening issue #21: "Need to speci… Jakob Schlyter
Re: [keyassure] Opening issue #21: "Need to speci… Paul Hoffman
Re: [keyassure] Opening issue #21: "Need to speci… Martin Rex
Re: [keyassure] Opening issue #21: "Need to speci… Phillip Hallam-Baker
Re: [keyassure] Opening issue #21: "Need to speci… Martin Rex
Re: [keyassure] Opening issue #21: "Need to speci… Martin Rex
Re: [keyassure] Opening issue #21: "Need to speci… Phillip Hallam-Baker
Re: [keyassure] Opening issue #21: "Need to speci… Martin Rex
Re: [keyassure] Opening issue #21: "Need to speci… Phillip Hallam-Baker
Re: [keyassure] Opening issue #21: "Need to speci… Stephen Farrell
Re: [keyassure] Opening issue #21: "Need to speci… Nicholas Weaver
Re: [keyassure] Opening issue #21: "Need to speci… Chris Palmer
Re: [keyassure] Opening issue #21: "Need to speci… Stephen Farrell
Re: [keyassure] Opening issue #21: "Need to speci… Paul Hoffman
Re: [keyassure] Opening issue #21: "Need to speci… Nicholas Weaver
Re: [keyassure] Opening issue #21: "Need to speci… Paul Hoffman
Re: [keyassure] Opening issue #21: "Need to speci… Stephen Farrell
Re: [keyassure] Opening issue #21: "Need to speci… Phillip Hallam-Baker
Re: [keyassure] Opening issue #21: "Need to speci… Scott Schmit
Re: [keyassure] Opening issue #21: "Need to speci… Stephen Farrell
Re: [keyassure] Opening issue #21: "Need to speci… Phillip Hallam-Baker
Re: [keyassure] Opening issue #21: "Need to speci… Warren Kumari
Re: [keyassure] Opening issue #21: "Need to speci… Sean Turner
Re: [keyassure] Opening issue #21: "Need to speci… Paul Hoffman
Re: [keyassure] Opening issue #21: "Need to speci… Phillip Hallam-Baker
Re: [keyassure] Opening issue #21: "Need to speci… Martin Rex
[keyassure] crypto hash alg deprecation is a myth Martin Rex
Re: [keyassure] crypto hash alg deprecation is a … Rob Stradling
Re: [keyassure] crypto hash alg deprecation is a … Phillip Hallam-Baker
Re: [keyassure] crypto hash alg deprecation is a … Andrew Sullivan
Re: [keyassure] Opening issue #21: "Need to speci… Warren Kumari
Re: [keyassure] Opening issue #21: "Need to speci… Phillip Hallam-Baker
Re: [keyassure] crypto hash alg deprecation is a … Peter Gutmann
Re: [keyassure] Opening issue #21: "Need to speci… Peter Gutmann
Re: [keyassure] Opening issue #21: "Need to speci… Phillip Hallam-Baker
Re: [keyassure] Opening issue #21: "Need to speci… Paul Hoffman
Re: [keyassure] Opening issue #21: "Need to speci… Nicholas Weaver
Re: [keyassure] Opening issue #21: "Need to speci… Yoav Nir
Re: [keyassure] Opening issue #21: "Need to speci… Peter Gutmann
Re: [keyassure] Opening issue #21: "Need to speci… Andrew Sullivan
Re: [keyassure] Opening issue #21: "Need to speci… Martin Rex
Re: [keyassure] Opening issue #21: "Need to speci… Phillip Hallam-Baker
Re: [keyassure] Opening issue #21: "Need to speci… Peter Gutmann
Re: [keyassure] Opening issue #21: "Need to speci… Paul Hoffman
Re: [keyassure] Opening issue #21: "Need to speci… Paul Hoffman
Re: [keyassure] Opening issue #21: "Need to speci… Andrew Sullivan
Re: [keyassure] Opening issue #21: "Need to speci… Paul Hoffman
Re: [keyassure] Opening issue #21: "Need to speci… bmanning
Re: [keyassure] Opening issue #21: "Need to speci… Phillip Hallam-Baker
Re: [keyassure] Opening issue #21: "Need to speci… Murray S. Kucherawy
Re: [keyassure] Opening issue #21: "Need to speci… Murray S. Kucherawy
Re: [keyassure] Opening issue #21: "Need to speci… Ben Laurie
Re: [keyassure] Opening issue #21: "Need to speci… Jakob Schlyter
Re: [keyassure] Opening issue #21: "Need to speci… Paul Hoffman
Re: [keyassure] Opening issue #21: "Need to speci… George Barwood
Re: [keyassure] Opening issue #21: "Need to speci… Phillip Hallam-Baker
Re: [keyassure] Opening issue #21: "Need to speci… Paul Hoffman
Re: [keyassure] Opening issue #21: "Need to speci… Phillip Hallam-Baker
Re: [keyassure] Opening issue #21: "Need to speci… Jakob Schlyter
Re: [keyassure] Opening issue #21: "Need to speci… Martin Rex
Re: [keyassure] Opening issue #21: "Need to speci… Yoav Nir
Re: [keyassure] Opening issue #21: "Need to speci… Chris Palmer
Re: [keyassure] Opening issue #21: "Need to speci… Paul Hoffman
Re: [keyassure] Opening issue #21: "Need to speci… Warren Kumari
Re: [keyassure] Opening issue #21: "Need to speci… Chris Palmer
Re: [keyassure] Opening issue #21: "Need to speci… Paul Hoffman
Re: [keyassure] Opening issue #21: "Need to speci… Chris Palmer
Re: [keyassure] Opening issue #21: "Need to speci… Peter Gutmann
Re: [keyassure] Opening issue #21: "Need to speci… bmanning
Re: [keyassure] Opening issue #21: "Need to speci… Brian Smith
Re: [keyassure] Opening issue #21: "Need to speci… Jakob Schlyter
Re: [keyassure] Opening issue #21: "Need to speci… Ben Laurie
Re: [keyassure] Opening issue #21: "Need to speci… Rob Stradling
Re: [keyassure] Opening issue #21: "Need to speci… George Barwood
Re: [keyassure] Opening issue #21: "Need to speci… Sean Turner
Re: [keyassure] Opening issue #21: "Need to speci… Nicholas Weaver
Re: [keyassure] Opening issue #21: "Need to speci… Paul Hoffman
Re: [keyassure] Opening issue #21: "Need to speci… Martin Rex
Re: [keyassure] Opening issue #21: "Need to speci… bmanning
Re: [keyassure] Opening issue #21: "Need to speci… bmanning
Re: [keyassure] Opening issue #21: "Need to speci… Yoav Nir
Re: [keyassure] Opening issue #21: "Need to speci… Phillip Hallam-Baker
Re: [keyassure] Opening issue #21: "Need to speci… Chris Palmer
Re: [keyassure] Opening issue #21: "Need to speci… Peter Gutmann
Re: [keyassure] Opening issue #21: "Need to speci… Peter Gutmann
Re: [keyassure] Opening issue #21: "Need to speci… Peter Gutmann
Re: [keyassure] Opening issue #21: "Need to speci… Paul Hoffman
Re: [keyassure] Opening issue #21: "Need to speci… Warren Kumari
Re: [keyassure] Opening issue #21: "Need to speci… Paul Hoffman
Re: [keyassure] Opening issue #21: "Need to speci… Warren Kumari
Re: [keyassure] Opening issue #21: "Need to speci… Tony Hansen