Re: [TLS] FNV versus SHA-1 in cached info
"Kemp, David P." <DPKemp@missi.ncsc.mil> Fri, 07 May 2010 13:22 UTC
Return-Path: <DPKemp@missi.ncsc.mil>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9B1643A6811 for <tls@core3.amsl.com>; Fri, 7 May 2010 06:22:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.137
X-Spam-Level:
X-Spam-Status: No, score=-4.137 tagged_above=-999 required=5 tests=[AWL=-0.139, BAYES_50=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id knVV1WONFYqd for <tls@core3.amsl.com>; Fri, 7 May 2010 06:22:43 -0700 (PDT)
Received: from stingray.missi.ncsc.mil (stingray.missi.ncsc.mil [144.51.50.20]) by core3.amsl.com (Postfix) with ESMTP id 374803A6B65 for <tls@ietf.org>; Fri, 7 May 2010 06:22:02 -0700 (PDT)
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CAEDE8.34C34E44"
Date: Fri, 07 May 2010 09:21:29 -0400
Message-ID: <201005071321.o47DLVv5003311@stingray.missi.ncsc.mil>
In-Reply-To: <C809C29C.A99B%stefan@aaa-sec.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [TLS] FNV versus SHA-1 in cached info
Thread-Index: Acrt1mb76BxWpF2zLEmH7x0p3McNTQADhp6g
References: <C809C29C.A99B%stefan@aaa-sec.com>
From: "Kemp, David P." <DPKemp@missi.ncsc.mil>
To: Stefan Santesson <stefan@aaa-sec.com>, tls@ietf.org
X-OriginalArrivalTime: 07 May 2010 13:22:42.0390 (UTC) FILETIME=[5F7FFF60:01CAEDE8]
Subject: Re: [TLS] FNV versus SHA-1 in cached info
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 May 2010 13:22:49 -0000
> I would not have any problem with using SHA-1 if it could be used with no > agility what so ever. But I seriously doubt that this will be accepted and for > that reason I would like to keep FNV. > > Please provide your thoughts and comments so we can close this issue and move on. > > Stefan My thoughts exactly. I originally believed that non-negotiable SHA-1 would be free of controversy, but since that has turned out not to be the case, I favor keeping FNV. If Eric can get Russ to mandate that the TLS WG SHALL accept the use of SHA-1 for a non-cryptographic purpose (truncated to 64 bits for emphasis as well as for bandwidth, and not subject to agility requirements), that would be a reasonable outcome. But that's not the IETF way. Using SHA-256 for this purpose is unreasonable, and I would not be in favor of any outcome that would cause that to happen. Dave
- Re: [TLS] FNV versus SHA-1 in cached info Kemp, David P.
- Re: [TLS] FNV versus SHA-1 in cached info Stefan Santesson
- [TLS] FNV versus SHA-1 in cached info Stefan Santesson
- Re: [TLS] FNV versus SHA-1 in cached info Stefan Santesson
- Re: [TLS] FNV versus SHA-1 in cached info Simon Josefsson
- Re: [TLS] FNV versus SHA-1 in cached info Kemp, David P.
- Re: [TLS] FNV versus SHA-1 in cached info Adam Langley
- Re: [TLS] FNV versus SHA-1 in cached info Nicolas Williams
- Re: [TLS] FNV versus SHA-1 in cached info Blumenthal, Uri - 0668 - MITLL
- Re: [TLS] FNV versus SHA-1 in cached info Nicolas Williams
- Re: [TLS] FNV versus SHA-1 in cached info Blumenthal, Uri - 0668 - MITLL
- Re: [TLS] FNV versus SHA-1 in cached info Stefan Santesson
- Re: [TLS] FNV versus SHA-1 in cached info Nicolas Williams
- Re: [TLS] FNV versus SHA-1 in cached info Michael D'Errico
- Re: [TLS] FNV versus SHA-1 in cached info Kemp, David P.
- Re: [TLS] FNV versus SHA-1 in cached info Nicolas Williams
- Re: [TLS] FNV versus SHA-1 in cached info Stefan Santesson
- Re: [TLS] FNV versus SHA-1 in cached info Nicolas Williams
- Re: [TLS] FNV versus SHA-1 in cached info Paul Hoffman