Re: [openpgp] SHA3 algorithm ids.

Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 10 August 2015 01:20 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 66ABD1A6F27 for <openpgp@ietfa.amsl.com>; Sun, 9 Aug 2015 18:20:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.311
X-Spam-Level:
X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rljghn_v3IF9 for <openpgp@ietfa.amsl.com>; Sun, 9 Aug 2015 18:20:22 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 505AA1A6F11 for <openpgp@ietf.org>; Sun, 9 Aug 2015 18:20:22 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 1188DBE4D; Mon, 10 Aug 2015 02:20:21 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u3ALARDamUTc; Mon, 10 Aug 2015 02:20:19 +0100 (IST)
Received: from [10.87.48.73] (unknown [86.46.29.218]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id CCCC7BE3E; Mon, 10 Aug 2015 02:20:18 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1439169618; bh=XrTqAf3Qbdg+wa85dV632AZez6M/njOMkWILxBifKDo=; h=Date:From:To:Subject:References:In-Reply-To:From; b=jzrzT2hyejGWdsGm9BGOI1VVuGZ2aC5xnNaypxx+hdeg2zJ3CnInetbOsQqSFmG2z SG2La4rkb9knZEssw7smRHVHnbkpJE6WF4fgOoWBvKEMVAuaq2BOAAYceYQ3ul88Gp Qvuo+wzketbMlRlYWh+x5ap1CKS71zz/USiHpGLQ=
Message-ID: <55C7FC52.8060904@cs.tcd.ie>
Date: Mon, 10 Aug 2015 02:20:18 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.8.0
MIME-Version: 1.0
To: Phillip Hallam-Baker <phill@hallambaker.com>, IETF OpenPGP <openpgp@ietf.org>
References: <87y4hmi19i.fsf@vigenere.g10code.de> <CAMm+Lwix6_TqDcmnNvH341NFeimA989mayQXx-a=w5v+OrpJDw@mail.gmail.com>
In-Reply-To: <CAMm+Lwix6_TqDcmnNvH341NFeimA989mayQXx-a=w5v+OrpJDw@mail.gmail.com>
OpenPGP: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/x8fS-AtNsGMJD6v3fkf-8vSw03A>
Subject: Re: [openpgp] SHA3 algorithm ids.
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Aug 2015 01:20:25 -0000

Just on the process crapology...

On 08/08/15 14:48, Phillip Hallam-Baker wrote:
> This is an IANA maintained registry so IANA picks the code points while
> they are in charge.
> 
> But what is sometimes done when there is a working group working on a
> protocol with a lot of code points, the registry is moved out of IANA
> control and someone in the WG manages it. This is the way PKIX worked.

That's out of date. We've moved those PKIX registries to IANA and Russ
no longer manages 'em and more importantly here we've put in place a
process for early allocation of IANA code points in RFC 7020. [1]

In terms of code points for use of sha-3 in pgp, my reading of 7120
would be that the list will discuss and the chairs will judge if rough
consensus has been reached at which point the chairs will have the
backing of folks participating in the WG to allocate code points
early.

Cheers,
S.

PS: A nice side-effect of using 7120 - IANA regularly send the IESG a
summary of the early allocations that will soon expire. That's a
great way to kick a WG into finishing a bit of work they ought have
gotten done ages before:-)


[1] https://tools.ietf.org/html/rfc7120

> 
> It is also possible that the way to do this would be for a single document
> to propose code points for all the active crypto specs.
> 
> 
> 
> On Sat, Aug 8, 2015 at 5:21 AM, Werner Koch <wk@gnupg.org>; wrote:
> 
>> Hi!
>>
>> Now that an official SHA3 specs has been published I would like to see
>> algorithm ids assigned.  Although it is some time until we can publish
>> rfc-4880bis, it would be useful to agree on the algorithm ids now.
>> This would be helpful for experimental implementations.  Thus what about
>> this new table with the SHA2 drop in replacements:
>>
>>       ID           Algorithm                             Text Name
>>       --           ---------                             ---------
>>       1          - MD5 [HAC]                             "MD5"
>>       2          - SHA-1 [FIPS180]                       "SHA1"
>>       3          - RIPE-MD/160 [HAC]                     "RIPEMD160"
>>       4          - Reserved
>>       5          - Reserved
>>       6          - Reserved
>>       7          - Reserved
>>       8          - SHA256 [FIPS180]                      "SHA256"
>>       9          - SHA384 [FIPS180]                      "SHA384"
>>       10         - SHA512 [FIPS180]                      "SHA512"
>>       11         - SHA224 [FIPS180]                      "SHA224"
>>       12         - SHA3-224 [FIPS202]                    "SHA3-224"
>>       13         - SHA3-256 [FIPS202]                    "SHA3-256"
>>       14         - SHA3-384 [FIPS202]                    "SHA3-384"
>>       15         - SHA3-512 [FIPS202]                    "SHA3-512"
>>       100 to 110 - Private/Experimental algorithm
>>
>> Note that I ordered SHA3-224 first; when we did SHA2 we forgot about 224
>> and thus it ended up out of order.
>>
>> I am not sure about the text name.  Is a dash okay (cf. armor header)?
>>
>> The OIDS are:
>>
>>    The hexadecimal representations for the
>>    currently defined hash algorithms are as follows:
>>
>>      [...]
>>
>>      - SHA3-224:   0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x07
>>      - SHA3-256:   0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x08
>>      - SHA3-384:   0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x09
>>      - SHA3-512:   0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x0a
>>
>>    The ASN.1 Object Identifiers (OIDs) are as follows:
>>
>>      [...]
>>
>>      - SHA3-224:   2.16.840.1.101.3.4.2.7
>>      - SHA3-256:   2.16.840.1.101.3.4.2.8
>>      - SHA3-384:   2.16.840.1.101.3.4.2.9
>>      - SHA3-512:   2.16.840.1.101.3.4.2.10
>>
>>    The full hash prefixes for these are as follows:
>>
>>        [...]
>>
>>        SHA3-224:   0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
>>                    0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x07, 0x05,
>>                    0x00, 0x04, 0x40
>>
>>        SHA3-256:   0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
>>                    0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x07, 0x05,
>>                    0x00, 0x04, 0x40
>>
>>        SHA3-384:   0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
>>                    0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x07, 0x05,
>>                    0x00, 0x04, 0x40
>>
>>        SHA3-512:   0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
>>                    0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x07, 0x05,
>>                    0x00, 0x04, 0x40
>>
>>
>>
>> Shalom-Salam,
>>
>>    Werner
>>
>>
>> --
>> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
>>
>> _______________________________________________
>> openpgp mailing list
>> openpgp@ietf.org
>> https://www.ietf.org/mailman/listinfo/openpgp
>>
> 
> 
> 
> _______________________________________________
> openpgp mailing list
> openpgp@ietf.org
> https://www.ietf.org/mailman/listinfo/openpgp
>