On Wed, Jul 19, 2017 at 8:40 PM, Peter Saint-Andre <[email protected]> wrote:
> What do implementers think is a "reasonable number of iterations"? My
> sense is that we're talking about at most 4 or 5, and usually 2 or 3.
For now we've avoided dealing with this in the Go implementation by documenting that the nickname profile (which I think is the only profile to suffer from this right now?) is not idempotent and passing the requirement to iterate on to the users (application developers using the library). However, I suspect many of them will not read the warning in the docs and will apply the profile once, which may be a security concern.

Because we can't be absolutely sure (or can we?) that a string will stabilize after any given number of iterations or that the number of required iterations won't change in the future as new characters are added, and because this introduces a tradeoff that must be made between performance and correctness, I think that idempotency should be a requirement for all standardized PRECIS profiles. However, I understand that this is a large change that may not be possible to make this late in the game.

I don't think we'll special-case the nickname profile to make it run multiple times in our implementation, but I'm also not sure what we'll end up doing. It may be that we roll our own profile for nicknames and break compatibility with other libraries (although this is obviously not desired), or we may not support the nickname profile at all and leave it up to application developers to implement if they need it, or we may simply leave a big scary warning in the documentation. None of the options sound appealing.

—Sam

_______________________________________________
precis mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/precis
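The non-idempotency Sam describes, and the "apply until stable, with a cap" workaround the thread is weighing, as an added example (editor's illustration, not code from the Go PRECIS library or from the thread). Python is used because its standard library ships NFKC. The profile steps are an approximation of the Nickname profile's enforcement order (space handling first, NFKC last); case folding, directionality and the FreeformClass check are omitted, and the pass cap of 4 is an assumption taken from the numbers floated in the thread. The sample inputs are constructed; U+00A8 DIAERESIS is used because its NFKC decomposition is U+0020 U+0308, so the final normalization step re-introduces a leading space that only the next pass's space rules remove:

```python
import re
import unicodedata

# Assumed cap on enforcement passes; the thread floats "at most 4 or 5".
MAX_PASSES = 4


def _map_non_ascii_space(s: str) -> str:
    """Map every Unicode space separator (category Zs) to ASCII SPACE."""
    return "".join(" " if unicodedata.category(ch) == "Zs" else ch for ch in s)


def nickname_enforce_once(s: str) -> str:
    """One pass of an approximation of the Nickname profile enforcement rules:
    additional mapping (space handling) followed by NFKC normalization.
    Case folding, directionality and the FreeformClass check are left out;
    this is illustration code, not a PRECIS library.
    """
    s = _map_non_ascii_space(s)
    s = s.strip(" ")                 # remove leading/trailing ASCII space
    s = re.sub(" {2,}", " ", s)      # collapse interior runs of spaces
    return unicodedata.normalize("NFKC", s)


def is_stable_after_one_pass(s: str) -> bool:
    """True if a second pass would be a no-op, i.e. one pass was enough."""
    once = nickname_enforce_once(s)
    return nickname_enforce_once(once) == once


def enforce_until_stable(s: str, max_passes: int = MAX_PASSES):
    """Re-apply the profile until the output stops changing.

    Returns (result, passes), where passes counts every application,
    including the final confirming one. Raises ValueError if the string
    has not stabilized within max_passes, so a caller cannot silently
    accept a half-processed nickname.
    """
    prev = s
    for n in range(1, max_passes + 1):
        cur = nickname_enforce_once(prev)
        if cur == prev:
            return cur, n
        prev = cur
    raise ValueError(f"nickname did not stabilize within {max_passes} passes")


if __name__ == "__main__":
    # Constructed inputs: a diaeresis whose NFKC form starts with a space,
    # an ideographic-space-padded name, and an already-clean name.
    for sample in ["\u00a8x", "\u3000Alice\u3000\u3000Bob\u3000", "Alice Bob"]:
        once = nickname_enforce_once(sample)
        result, passes = enforce_until_stable(sample)
        print(repr(sample), "->", repr(once),
              "| one pass enough:", is_stable_after_one_pass(sample),
              "| fixed point:", repr(result), "after", passes, "passes")
```

The cap matters as much as the loop: an application that iterates without a bound has no answer to Sam's question about how many passes are enough, while one that iterates with a bound and rejects the string on overflow fails closed instead of storing a nickname that the next comparison will treat as a different string.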
