[Standards] [Fwd: [Council] meeting minutes, 2007-11-21]
dave at cridland.net
Thu Nov 22 15:03:23 UTC 2007
On Wed Nov 21 23:34:40 2007, Boyd Fletcher wrote:
> SHA-1 is no longer cryptographically sound. We should be using the
> class of hashes and probably set SHA-256 as the minimum.
No, we shouldn't. MD5 is perfectly cryptographically sound for this
work, let alone SHA-1. There is a huge - and significant - difference
between a second preimage attack and a collision.
> On 11/21/07 6:22 PM, "Joe Hildebrand" <hildjj at gmail.com> wrote:
> > Are we realistically *ever* going to define a new hash algorithm?
> > Imagine the breakage that would ensue.
Well, maybe. We need to ensure that clients know what to do when
faced with a new, and possibly unknown, hash.
As for ever changing it, if a technique for mounting a second
preimage attack actually becomes available, then we'll have to.
> > This reminds me, though, that if we don't specify hash, the v
> > attribute cannot be optional for new caps; otherwise receivers
> > know whether this is an old or new caps declaration.
That too. :-)
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at jabber.org
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
More information about the Standards