IETF Logo Mail Archive

Re: NIST publishes new DSA draft

Ian G <iang@systemics.com> Fri, 17 March 2006 15:27 UTC

Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FKGrt-00063v-OH for openpgp-archive@lists.ietf.org; Fri, 17 Mar 2006 10:27:57 -0500
Received: from balder-227.proper.com ([192.245.12.227]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FKGrs-0002NH-AF for openpgp-archive@lists.ietf.org; Fri, 17 Mar 2006 10:27:57 -0500
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k2HF3U8b063928; Fri, 17 Mar 2006 08:03:30 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id k2HF3US0063927; Fri, 17 Mar 2006 08:03:30 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from mailgate.enhyper.net ([80.168.109.121]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k2HF3SXZ063920 for <ietf-openpgp@imc.org>; Fri, 17 Mar 2006 08:03:29 -0700 (MST) (envelope-from iang@systemics.com)
Received: from [IPv6:::1] (localhost [127.0.0.1]) by mailgate.enhyper.net (Postfix) with ESMTP id 361EE4137A; Fri, 17 Mar 2006 15:03:23 +0000 (GMT)
Message-ID: <441ACF45.704@systemics.com>
Date: Fri, 17 Mar 2006 16:01:25 +0100
From: Ian G <iang@systemics.com>
Organization: http://financialcryptography.com/
User-Agent: Mozilla Thunderbird 1.0.6 (X11/20051013)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: David Shaw <dshaw@jabberwocky.com>
Cc: Hal Finney <hal@finney.org>, ietf-openpgp@imc.org
Subject: Re: NIST publishes new DSA draft
References: <20060314194447.4D59A57FB0@finney.org> <20060316192823.GA9945@jabberwocky.com>
In-Reply-To: <20060316192823.GA9945@jabberwocky.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 9466e0365fc95844abaf7c3f15a05c7d

David Shaw wrote:
>>We might want to think about making SHA-256 be another MUST algorithm.
>>The only MUST hash now is SHA-1.  Making SHA-256 be a MUST would make
>>these new key sizes be more useful, and also give us an easier fallback
>>if SHA-1 should be broken.
> 
> 
> Unless DSA2 is also a MUST, I wonder what the practical advantage to
> that would be (beyond making the social point that we really, really
> want people to move away from SHA-1).


I think this is pretty much all of the point.  Any
new DSA signing method or other usage will likely
be non-obligatory, but pushing the implementations
into that direction seems useful.

> right answer.  Now that we have actual information about DSA2, perhaps
> it would be worth revisiting that question.  A new algorithm ID for
> DSA2 resolves a number of problems in one fell swoop as there is no
> expectation of interoperability.  SHA-256 is always usable
> (effectively the default) for DSA2, and there is no problem with
> knowing when it is possible to use truncation (always).

Sounds good to me.

iang

v2.23.0 | Report a Bug | By Email