[Standards] [Fwd: [Council] meeting minutes, 2007-11-21]

Dave Cridland dave at cridland.net
Thu Nov 22 15:03:23 UTC 2007

On Wed Nov 21 23:34:40 2007, Boyd Fletcher wrote:
> SHA-1 is no longer cryptographically sound. We should be using the SHA-2
> class of hashes and probably set SHA-256 as the minimum.

No, we shouldn't. MD5 is perfectly cryptographically sound for this  
work, let alone SHA-1. There is a huge - and significant - difference  
between a second preimage attack and a collision.

> On 11/21/07 6:22 PM, "Joe Hildebrand" <hildjj at gmail.com> wrote:
> > Are we realistically *ever* going to define a new hash algorithm?
> > Imagine the breakage that would ensue.
> > 

Well, maybe. We need to ensure that clients know what to do when  
faced with a new, and possibly unknown, hash.

As for ever changing it, if a technique for mounting a second  
preimage attack actually becomes available, then we'll have to.

> > This reminds me, though, that if we don't specify hash, the v
> > attribute cannot be optional for new caps; otherwise receivers won't
> > know whether this is an old or new caps declaration.

That too. :-)

Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at jabber.org
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
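
The difference between a collision and a second preimage that the message above refers to, shown as an added example (not part of the original thread). It uses SHA-256 truncated to 16 bits as a deliberately weak toy digest; the truncation width, function names and input strings are assumptions made for the illustration.

```python
import hashlib
from itertools import count

BITS = 16  # toy digest size (assumption) so both searches finish quickly


def toy_hash(msg: bytes, bits: int = BITS) -> int:
    """Top `bits` bits of SHA-256: a deliberately weak stand-in digest."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") >> (256 - bits)


def find_collision(bits: int = BITS):
    """Collision: the searcher picks BOTH inputs, so any repeated digest wins.
    Expected work is about 2**(bits/2) hashes (birthday bound)."""
    seen = {}
    for n in count(1):
        msg = b"free-%d" % n
        h = toy_hash(msg, bits)
        if h in seen:
            return seen[h], msg, n
        seen[h] = msg


def find_second_preimage(target: bytes, bits: int = BITS):
    """Second preimage: one input is fixed by someone else and its digest
    must be matched exactly. Expected work is about 2**bits hashes."""
    want = toy_hash(target, bits)
    for n in count(1):
        msg = b"forged-%d" % n
        if msg != target and toy_hash(msg, bits) == want:
            return msg, n


if __name__ == "__main__":
    a, b, c_tries = find_collision()
    target = b"constructed-victim-string"  # constructed sample input
    forged, s_tries = find_second_preimage(target)
    print(f"collision after {c_tries} hashes: {a!r} / {b!r}")
    print(f"second preimage of {target!r} after {s_tries} hashes: {forged!r}")
    print(f"birthday estimate 2^{BITS // 2} = {2 ** (BITS // 2)}, "
          f"second-preimage estimate 2^{BITS} = {2 ** BITS}")
```

At a real digest width the same gap applies: a hash whose collision resistance has been weakened can still be far out of reach for second preimages.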
