[Standards] Re: [jdev] XEP-0115: Entity Capabilities

Joe Hildebrand hildjj at gmail.com
Wed Jul 4 14:18:56 UTC 2007


On Jul 4, 2007, at 5:35 AM, Ian Paterson wrote:

> 'ext' and pre-defined sets only improve security if the choice of a  
> "weak" hash makes pre-image attacks "possible". So why don't we  
> make things easier for everyone and simply recommend a stronger  
> hash instead?

So, to pull those bits together, I'm recommending:

base64(sha1(dave-formatted id/features))

which would give ver's that look like:

C+7Hteo/D9vJXQ3UfzxbwnXaijM=

Which is small enough for me.

-- 
Joe Hildebrand





More information about the Standards mailing list