On Fri, Jun 08, 2012 at 05:08:40PM -0400, Warren Kumari wrote:
> Unless we hear SCOAT (Strong Clear Objections with Alternate Text) by
> Wednesday June 13th we will remove the old text.
>
> ----------------------------------------------------------------------------
>
> Based on the briefing in the SAAG Session at IETF 83, I strongly
> suggest that this text be removed from Section 6.
>
> At the time this is written, it is expected that there will be a new
> family of hash algorithms called SHA-3 within the next few years.
> It is expected that some of the SHA-3 algorithms will be mandatory
> and/or recommended for TLSA records after the algorithms are fully
> defined. At that time, this specification will be updated.
>
> -------------------------------------------
>
> <no hat>
> In case it wasn't obvious I too think this should be pulled.
> Speculating about the future gets us into tricky territory as does
> committing future folk to do stuff. If we mention that SHA-3 is coming
> and we'll rev the draft then, do we also need to mention SHA-4?
> SHA-17? SHA-33.3? OMG, when will the madness stop?! ….Sorry, got a
> little carried away there….
>
> </no hat>

The reason this was originally included was due to a concern that if we had too few or only one mandatory-to-implement hash algorithm, implementers would not be inclined to code in algorithm agility. See the thread around here:
https://www.ietf.org/mail-archive/web/dane/current/msg02165.html

Not saying that that's true or a good reason to keep the text, mind you, but reminding the WG why this text was put into the draft in the first place.

Personally, I'm ok with removing the paragraph--we still specify that SHA-512 is a SHOULD, so any implementer worth their salt will be algorithm-agile. The rest will probably ignore that paragraph anyway.

--
Scott Schmit
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
