> -----Original Message----- > From: Pete Resnick [mailto:[email protected]] > Sent: Friday, January 20, 2012 3:40 PM > To: Murray S. Kucherawy > Cc: Message Abuse Report Format working group > Subject: Re: [marf] DISCUSS on draft-ietf-marf-redaction-04 > > Sorry for not getting back to you earlier; tied up in meetings all > afternoon. But you did hear back from Stephen: This would address his > concerns. This way, you're not saying that H is a good idea for > redaction without explaining the limited meaning of "redaction" that > this document anticipates. I would like to see a "MAY" appear somewhere > in section 3 of your proposed text to indicate that the choice of > algorithm is a protocol option. (E.g., "An implementation MAY choose > one of ROT13, CRC32, MD5, H, HMAC, or any transformation that has a > reasonably low likelihood of collision...blah...blah...blah..."). And I > think you're likely to need references for the example algorithms you > do give, and maybe a a quick line about the features of each, (e.g., > "ROT13 (manually invertible, but visually obscure), CRC32 (invertible > by code, but not simply by a human), ..."). But I think this is > perfectly reasonable.
I doubt there's a formal definition of ROT13 anywhere, but I'll look for the rest. If anyone has references handy, please do post them and save me the time of going to track them down. The list I would use would include at least these, which need references: - ROT13 - CRC32 - MD5 - SHA (already have the FIPS-180 reference) - H - HMAC (already cite an RFC for this one) - full encryption a la what openssl can do (does this have a formal name and a good reference?) _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
