IETF Logo Mail Archive

Re: [saag] SHA-1 to SHA-n transition

"Hallam-Baker, Phillip" <pbaker@verisign.com> Wed, 25 February 2009 22:02 UTC

Return-Path: <pbaker@verisign.com>
X-Original-To: saag@core3.amsl.com
Delivered-To: saag@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 55EDF3A6912 for <saag@core3.amsl.com>; Wed, 25 Feb 2009 14:02:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.547
X-Spam-Level:
X-Spam-Status: No, score=-5.547 tagged_above=-999 required=5 tests=[AWL=-0.345, BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d0QCRm5wFrE3 for <saag@core3.amsl.com>; Wed, 25 Feb 2009 14:02:08 -0800 (PST)
Received: from colibri.verisign.com (colibri.verisign.com [65.205.251.74]) by core3.amsl.com (Postfix) with ESMTP id E72313A68E4 for <saag@ietf.org>; Wed, 25 Feb 2009 14:02:07 -0800 (PST)
Received: from MOU1WNEXCN02.vcorp.ad.vrsn.com (mailer2.verisign.com [65.205.251.35]) by colibri.verisign.com (8.13.6/8.13.4) with ESMTP id n1PLc7u9018661; Wed, 25 Feb 2009 13:38:07 -0800
Received: from MOU1WNEXMB09.vcorp.ad.vrsn.com ([10.25.15.197]) by MOU1WNEXCN02.vcorp.ad.vrsn.com with Microsoft SMTPSVC(6.0.3790.3959); Wed, 25 Feb 2009 14:02:28 -0800
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C99794.BF3D2A56"
Date: Wed, 25 Feb 2009 14:02:27 -0800
Message-ID: <2788466ED3E31C418E9ACC5C3166155768B2CB@mou1wnexmb09.vcorp.ad.vrsn.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [saag] SHA-1 to SHA-n transition
Thread-Index: AcmXg1Y7xVXyrzTlS+6/sU1/NXLwuQAD5SAr
References: <p06240802c5c5c22d92f0@[128.89.89.88]><200902231914.n1NJEDA3011916@raisinbran.srv.cs.cmu.edu><5A6509457B6F0F71878AA5D2@atlantis.pc.cs.cmu.edu><2788466ED3E31C418E9ACC5C3166155768B2C7@mou1wnexmb09.vcorp.ad.vrsn.com> <200902251951.OAA23103@Sparkle.Rodents-Montreal.ORG>
From: "Hallam-Baker, Phillip" <pbaker@verisign.com>
To: der Mouse <mouse@Rodents-Montreal.ORG>, saag@ietf.org
X-OriginalArrivalTime: 25 Feb 2009 22:02:28.0178 (UTC) FILETIME=[BF929B20:01C99794]
Subject: Re: [saag] SHA-1 to SHA-n transition
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Feb 2009 22:02:09 -0000

We have a choice here.
 
Either we have a debate in which people bring up rational technical points or we have a free for all in which people claim a privileged position that allows them to block any proposed change to the status quo without giving a technical reason that can be challeged.
 
My gut is telling me that we have a very serious problem that is going to bite us down the road. And I can give solid technical reasons to back that feeling.
 
We have the same set of arguments whenever someone suggests that the IETF consider practical deployment issues. It is never the right time to raise these issues and they are never raised in the right way.
 
 
Let us stick to the technical issues here:
 
* Is the current transition plan viable or does it fail in the way that I predict
* Is the proposed solution viable?
* Is there a better solution?
 
 

________________________________

From: saag-bounces@ietf.org on behalf of der Mouse
Sent: Wed 2/25/2009 2:46 PM
To: saag@ietf.org
Subject: Re: [saag] SHA-1 to SHA-n transition



> As with an earlier case where a past Security AD blocked a necessary
> protocol change because it 'gave him a bad gut feeling'.  While
> making decisions based on the examination of intestines was all the
> rage in ancient Rome, it should be avoided.

I don't know the particular case you're talking about, nor do I really
want to, so I specifically want to avoid commenting on that case.  But
I would hesitate to summarily write off the gut feeling of someone
experienced, which is more or less what I read your second sentence as;
much of what experience _is_ amounts to training one's gut feeling.

/~\ The ASCII                             Mouse
\ / Ribbon Campaign
 X  Against HTML                mouse@rodents-montreal.org
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
_______________________________________________
saag mailing list
saag@ietf.org
https://www.ietf.org/mailman/listinfo/saag

v2.23.0 | Report a Bug | By Email