IETF Logo Mail Archive

Re: [openpgp] Default preferences for the future

"HANSEN, TONY L" <tony@att.com> Tue, 21 March 2017 14:07 UTC

Return-Path: <tony@att.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0DD59129705 for <openpgp@ietfa.amsl.com>; Tue, 21 Mar 2017 07:07:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.396
X-Spam-Level:
X-Spam-Status: No, score=-5.396 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-2.796, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id czFoLNI1bz3V for <openpgp@ietfa.amsl.com>; Tue, 21 Mar 2017 07:07:20 -0700 (PDT)
Received: from mx0a-00191d01.pphosted.com (mx0b-00191d01.pphosted.com [67.231.157.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F241B129408 for <openpgp@ietf.org>; Tue, 21 Mar 2017 07:07:18 -0700 (PDT)
Received: from pps.filterd (m0049459.ppops.net [127.0.0.1]) by m0049459.ppops.net-00191d01. (8.16.0.17/8.16.0.17) with SMTP id v2LE51tH017597; Tue, 21 Mar 2017 10:07:16 -0400
Received: from alpi155.enaf.aldc.att.com (sbcsmtp7.sbc.com [144.160.229.24]) by m0049459.ppops.net-00191d01. with ESMTP id 29at187fa6-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 21 Mar 2017 10:07:15 -0400
Received: from enaf.aldc.att.com (localhost [127.0.0.1]) by alpi155.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id v2LE7F6l024770; Tue, 21 Mar 2017 10:07:15 -0400
Received: from mlpi407.sfdc.sbc.com (mlpi407.sfdc.sbc.com [130.9.128.239]) by alpi155.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id v2LE72tO024439 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 21 Mar 2017 10:07:09 -0400
Received: from MISOUT7MSGHUBAD.ITServices.sbc.com (MISOUT7MSGHUBAD.itservices.sbc.com [130.9.129.148]) by mlpi407.sfdc.sbc.com (RSA Interceptor); Tue, 21 Mar 2017 14:06:46 GMT
Received: from MISOUT7MSGUSRCG.ITServices.sbc.com ([169.254.7.103]) by MISOUT7MSGHUBAD.ITServices.sbc.com ([130.9.129.148]) with mapi id 14.03.0319.002; Tue, 21 Mar 2017 10:06:46 -0400
From: "HANSEN, TONY L" <tony@att.com>
To: "Mark D. Baushke" <mdb@juniper.net>, "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: [openpgp] Default preferences for the future
Thread-Index: AQHSoccv8pfaKozLUUeVJmfgHHUo96GeXBeFgAD5GYA=
Date: Tue, 21 Mar 2017 14:06:45 +0000
Message-ID: <56ED3B74-0BA4-4DC2-943E-B1CCD1F32AE2@att.com>
References: <3b89c96a-0bb6-cd09-cbf7-1f9e26f04bd6@addere.ch> <52027.1490051694@eng-mail01.juniper.net>
In-Reply-To: <52027.1490051694@eng-mail01.juniper.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [135.110.240.165]
Content-Type: text/plain; charset="utf-8"
Content-ID: <744E50B22F115841B911A9B05727CBC8@LOCAL>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-RSA-Inspected: yes
X-RSA-Classifications: public
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-03-21_11:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_policy_notspam policy=outbound_policy score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1702020001 definitions=main-1703210125
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/LEdDUgWo6hSNQO4Qy4xqr-1tkcg>
Subject: Re: [openpgp] Default preferences for the future
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Mar 2017 14:07:23 -0000

FIPS 180-4 also defines SHA2-512/224 and SHA2-512/256. Should they be added to the table?

	Tony Hansen

On 3/20/17, 7:14 PM, "openpgp on behalf of Mark D. Baushke" <openpgp-bounces@ietf.org on behalf of mdb@juniper.net> wrote:

    As an editorial remark, it would be nice if rfc4880bis were to use
    a consistent representation for the secure hash algorithm families.
    SHA1 is sometimes written as SHA1 and sometimes written as SHA-1.
    
    I will also note that "SHA224" "SHA256" "SHA384" "SHA512" "SHA-224"
    "SHA-256" "SHA-384" and "SHA-512" might want to be more completely
    specified as members of the SHA-2 family [FISP180] by using the tag
    "SHA2-224" "SHA2-256" "SHA2-384" and "SHA2-512" as the algorithm name in
    section 9.5 as compared with members of the SHA-3 [FIPS202] family of
    algorithms: SHA3-224, SHA3-256, SHA3-384, SHA3-512 (noting that the
    SHA-3 family are NOT YET a part of rfc4880bis).
    
    https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-01
----------%<----------%<----------%<----------%<----------%<----------
    …
    and suggested update to section 9.5:
    
    ----------%<----------%<----------%<----------%<----------%<----------
    9.5.  {9.4} Hash Algorithms
    
          +-----------+---------------------------------+--------------+
          |        ID | Algorithm                       | Text Name    |
          +-----------+---------------------------------+--------------+
          |         1 | MD5 [HAC]                       | "MD5"        |
          |         2 | SHA-1 [FIPS180]                 | "SHA1"       |
          |         3 | RIPE-MD/160 [HAC]               | "RIPEMD160"  |
          |         4 | Reserved                        |              |
          |         5 | Reserved                        |              |
          |         6 | Reserved                        |              |
          |         7 | Reserved                        |              |
          |         8 | SHA2-256 [FIPS180]              | "SHA256"     |
          |         9 | SHA2-384 [FIPS180]              | "SHA384"     |
          |        10 | SHA2-512 [FIPS180]              | "SHA512"     |
          |        11 | SHA2-224 [FIPS180]              | "SHA224"     |
          |  100--110 | Private/Experimental algorithm  |              |
          +-----------+---------------------------------+--------------+
    
       Implementations SHOULD implement SHA-1.  Implementations MUST
       implement SHA256. Implementations MAY implement other algorithms.
       MD5 and RIPE-MD/160 are deprecated.
    
    ----------%<----------%<----------%<----------%<----------%<----------

v2.23.0 | Report a Bug | By Email