[Standards] XEP-0115 redux
Joe Hildebrand
hildjj at gmail.com
Wed Jan 9 18:09:26 CST 2008
On Jan 9, 2008, at 4:45 PM, Peter Saint-Andre wrote:
> The statement "we all have SHA-1 implementations" provides a good
> argument for specifying SHA-1 as MTI. Code reuse and all that.
>
> If SHA-1 is found to be vulnerable to pre-image (*not* collision)
> attacks at some point in the future and those hypothetical pre-image
> attacks are found to be potentially practical, then we should
> strongly consider adding some other hashing algorithm to the MTI
> list or swapping out SHA-1 for something else. But that day may be
> so far off that some new hashing algorithm will be available by then
> (e.g., not something in the SHA family at all).
+1
--
Joe Hildebrand
More information about the Standards
mailing list