RE: [Sam Hartman] Openpgp comments

"Anton Stiglic" <astiglic@okiok.com> Wed, 20 September 2006 12:12 UTC

Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GQ0wi-0007FP-Qv for openpgp-archive@lists.ietf.org; Wed, 20 Sep 2006 08:12:56 -0400
Received: from balder-227.proper.com ([192.245.12.227]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GQ0wg-0004on-E8 for openpgp-archive@lists.ietf.org; Wed, 20 Sep 2006 08:12:56 -0400
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k8KBefRu084556; Wed, 20 Sep 2006 04:40:41 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id k8KBef1t084555; Wed, 20 Sep 2006 04:40:41 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from mail.okiok.com (host70.okiok.com [207.61.238.70] (may be forged)) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k8KBedD0084547 for <ietf-openpgp@imc.org>; Wed, 20 Sep 2006 04:40:40 -0700 (MST) (envelope-from astiglic@okiok.com)
Received: from P1038Mobile (modemcable188.189-82-70.mc.videotron.ca [70.82.189.188]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by mail.okiok.com (Postfix) with ESMTP id 9E8981683A9; Wed, 20 Sep 2006 07:51:46 -0400 (EDT)
From: "Anton Stiglic" <astiglic@okiok.com>
To: "'Daniel A. Nagy'" <nagydani@epointsystem.org>, "'OpenPGP'" <ietf-openpgp@imc.org>
Subject: RE: [Sam Hartman] Openpgp comments
Date: Wed, 20 Sep 2006 07:40:35 -0400
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook, Build 11.0.6353
In-Reply-To: <20060919231313.GA10365@epointsystem.org>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2869
Thread-Index: AcbcRbod4xVLm9xWSV+FRl3pUEIhwQAY2TaQ
Message-Id: <20060920115146.9E8981683A9@mail.okiok.com>
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
X-Spam-Score: 1.8 (+)
X-Scan-Signature: 8abaac9e10c826e8252866cbe6766464

NIST is planning to phase out SHA-1 by 2010, they are going with SHA-224,
SHA-256, SHA-384 and SHA-512.  
http://csrc.nist.gov/hash_standards_comments.pdf

In Canada, CSE will phase out SHA-1 for protected C information by 2008.

I don't know what is going on in Europe and the rest of the world, but I
would be surprised if they were going with SHA-1 in the long term.
You cannot ignore these decisions if you want openpgp to be successful.

--Anton


-----Original Message-----
From: owner-ietf-openpgp@mail.imc.org
[mailto:owner-ietf-openpgp@mail.imc.org] On Behalf Of Daniel A. Nagy
Sent: September 19, 2006 6:13 PM
To: OpenPGP
Subject: Re: [Sam Hartman] Openpgp comments

On Tue, Sep 19, 2006 at 06:55:32PM -0400, David Shaw wrote:

> I'm not against a SHA-256 or 512 based MDC.

This would make encryption/decryption measurably slower, for no benefit
whatsoever. SHA1 provides a comfortable security margin even taking all
recent developments into consideration.

-- 
Daniel