[Standards] hash agility in file transfer

Peter Saint-Andre stpeter at stpeter.im
Thu Jun 16 17:04:09 UTC 2011


On 6/16/11 1:51 AM, Dave Cridland wrote:

> My main concern is to leverage the IANA hash names, so we don't have to
> duplicate that work. (Of course, the W3C turn out to have already
> duplicated that work, with their very own, Invented Here™, list)

I think we could do either of these:

a. <hash xmlns='urn:xmpp:hash:sha-256:0'>...</hash>

(Nothing says the element name needs to be the algorithm name.)

b. <hash xmlns='urn:xmpp:hash:1' algo='sha-256'>...</hash>

Presumably if we choose (b) then we'd need to change the namespace every
time we add an algorithm...

<hash xmlns='urn:xmpp:hash:0' algo='sha-1'>...</hash>
<hash xmlns='urn:xmpp:hash:1' algo='sha-256'>...</hash>
<hash xmlns='urn:xmpp:hash:2' algo='sha-512'>...</hash>
<hash xmlns='urn:xmpp:hash:3' algo='sha-replacement-1'>...</hash>

And so on. I suppose that would provide an acceptable way to discover
which algorithms are supported.

We also need to think about *removing* support for deprecated algorithms
(MD2, MD5, etc.).

/psa

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6105 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20110616/b09761ed/attachment.bin>


More information about the Standards mailing list