On Mon, May 18, 2015 at 5:46 PM, Johannes Merkle <[email protected]> wrote: > Kathleen Moriarty schrieb am 14.05.2015 um 15:58: >> >> I agree with Stephen. My yes was because more secure options are defined, >> but less would be good. > > There was some discussion on this (admittedly by quite few participants) and > my summary was as follows > >> Question 3: Which (sub)set of protocols (hash function, MAC length) should >> be selected? >> - Johannes: SHA-256-192 as MUST, SHA-512-256 as SHOULD, all other can be MAY >> or omitted. >> - Uri: SHA-256-192 and SHA-384-320 as MUST, SHA-512-256 as SHOULD, and >> SHA-224-??? as MAY >> - Tom: AFAIU, he agrees with the preferences expressed by David, Johannes >> and Uri. >> - David: SHA-256-192 and SHA-512-384. >> (In all the above cases, the preferences were not that strong, there was >> mainly the wish to reduce the number of >> protocols in the current draft.) > > Then I suggested the subset as it is currently defined and everyone agreed. > It was a compromise. But considering the > individual opinions, It would be safe to delete the SHA-224 option.
Fine with me (chair / doc shepherd) W (this email not actually needed, but figured it'd didn't hurt to mention :-)) > > > > -- > Johannes -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf _______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
