>> With these numbers, I withdraw my support of including anything else >> than SHA256 as MTI. I think specifying Blake2B or 2S as well makes >> sense (mostly for crypto robustness reasons for having alternative >> that is specified) but making it MAY-SHOULD seems sensible to me.
> I can probably live with that :) Excellent, it looks like we're converging. Thanks to both of you for the informative and kind discussion. At this stage, I see four possibilities: (1) leave the document as it is; (2) add a mention that implementation of Blake2S is RECOMMENDED (SHOULD); (3) add a mention that implementation of Blake2B is RECOMMENDED; (4) add a mention that implementation of both 2B and 2S is RECOMMENDED. I am in favour of (1), since I am convinced that SHA256 is fast enough for all reasonable devices. (2) makes sense to me, and I won't oppose it. I'll need some convincing in order to do (3) or (4), since Blake2B does not appear bring any significant speed advantage over SHA256. In either case, I'm planning to implement SHA256, Blake2B and Blake2S in the reference implementation. -- Juliusz _______________________________________________ Babel-users mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/babel-users
