[Standards] Re: [jdev] XEP-0115: Entity Capabilities
Peter Saint-Andre
stpeter at jabber.org
Wed Jul 4 22:03:22 CDT 2007
Joe Hildebrand wrote:
>
> On Jul 4, 2007, at 5:35 AM, Ian Paterson wrote:
>
>> 'ext' and pre-defined sets only improve security if the choice of a
>> "weak" hash makes pre-image attacks "possible". So why don't we make
>> things easier for everyone and simply recommend a stronger hash instead?
>
> So, to pull those bits together, I'm recommending:
>
> base64(sha1(dave-formatted id/features))
Seems reasonable to me.
> which would give ver's that look like:
>
> C+7Hteo/D9vJXQ3UfzxbwnXaijM=
>
> Which is small enough for me.
Me too.
I'll write that up provisionally in XEP-0115 v1.4pre1 so we can see how
it looks...
/psa
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/standards/attachments/20070704/0337330c/smime.bin
More information about the Standards
mailing list