In your previous mail you wrote: > > Minor issues: not a real issue but I am not convinced there is a real > > crypto reason to give up SHA-1. At the first view the attack against > > SSHFP is a pre-image one, but: > > - I leave the question to cryptographers of the security directorate > > - there are many not-crypto reasons to move from SHA-1 to SHA-256 > > Hi, > > I have added some text there: > > ECDSA public key fingerprints MUST use the SHA-256 algorithm > for the fingerprint as using the SHA-1 algorithm would > weaken the security of the key, which itself can use only > SHA-2 family of algorithms RFC 5656 (Section 3.1.1).
=> I am afraid it is another not-crypto reason... > But I am also not a cryptographer, => I am not a cryptographer too (I just worked with cryptographers, military cryptographers exactly, i.e., the worst kind of cryptographers :-) > so it's just my guts telling me > that if a key is allowed to use only SHA-2, we should keep it in sync > here. => the 2 ideas are: - keep the requirement (i.e., it is the right one and even there could be no good crypto reasons) - get a wording for the justification which doesn't make cryptographers too unhappy (they won't be really happy anyway: this is a part of being cryptographers :-) Of course for the second part the best should be to get a feedback from the crypto (oops, the security) directorate. Thanks [email protected] _______________________________________________ Gen-art mailing list [email protected] https://www.ietf.org/mailman/listinfo/gen-art
