Re: ASN.1 OID for TIGER/192

"Brian M. Carlson" <> Fri, 27 September 2002 15:57 UTC

Received: from ( []) by (8.9.1a/8.9.1a) with ESMTP id LAA25872 for <>; Fri, 27 Sep 2002 11:57:31 -0400 (EDT)
Received: (from majordomo@localhost) by (8.11.6/8.11.3) id g8RFonq12298 for ietf-openpgp-bks; Fri, 27 Sep 2002 08:50:49 -0700 (PDT)
Received: from ( []) by (8.11.6/8.11.3) with ESMTP id g8RFomv12294 for <>; Fri, 27 Sep 2002 08:50:48 -0700 (PDT)
Received: from [] (HELO stonewall) by (CommuniGate Pro SMTP 3.5.9) with SMTP id 21391875 for; Fri, 27 Sep 2002 10:50:49 -0500
Received: by stonewall (sSMTP sendmail emulation); Fri, 27 Sep 2002 15:50:54 +0000
From: "Brian M. Carlson" <>
Date: Fri, 27 Sep 2002 15:50:54 +0000
Subject: Re: ASN.1 OID for TIGER/192
Message-ID: <20020927155054.GB17939@stonewall>
References: <>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-ripemd160; protocol="application/pgp-signature"; boundary="nmemrqcdn5VTmUEE"
Content-Disposition: inline
In-Reply-To: <>
User-Agent: Mutt/1.4i
X-Operating-System: Linux stonewall 2.4.18-k7
Content-Conversion: prohibited
X-Request-PGP: finger://
Precedence: bulk
List-Archive: <>
List-Unsubscribe: <>
List-ID: <>

On Fri, Sep 27, 2002 at 08:55:50AM -0400, David Shaw wrote:
> Hello,
> In 2440 and in all the 2440bis drafts, the TIGER/192 hash is not fully
> usable as it has no OID.  Werner Koch and I, with the cooperation of
> TIGER's authors, recently arranged an OID for it:
> It would be good to put this in 2440bis so TIGER will be usable.

I agree. All we have left now is to get one for HAVAL-5-160.

> I have a sneaking suspicion that this may raise the question whether
> TIGER should be in the standard at all, as so long as it did not have
> an OID, the question was moot.  I have no strong feelings on this
> point, but if we are not going to allow the use of TIGER, then perhaps
> we should remove it from the standard altogether or explicitly
> disallow its use as the current halfway state is confusing now that
> there is an OID available.

I think that we should keep it in, although my opinion may be unpopular.
Few implementations allow the use of TIGER, and so those people who wish
to use it can use one of those implementations. It is useful for (gasp!)
Elgamal signatures, because it provides a larger hash algorithm and
therefore the hash algorithm is no longer the weakest link. (Please note
that TIGER is probably more widely implemented than SHA2, if I had to

I think it would be the height of silliness to have an algorithm in
the standard and prohibit its use. In fact, it is like revoking your
signature on someone's key: it is a vote of no confidence, a statement
that it is worthless. 

Brian M. Carlson <> <> 0x560553E7
To thine own self be true.  (If not that, at least make some money.)