FYI, I've been revamping the 6962-bis registry sections in this PR:
https://github.com/google/certificate-transparency-rfcs/pull/216
On 14/12/16 00:48, Stephen Farrell wrote:
Hiya,
Just a comment from the sidelines...
On 14/12/16 00:20, Bill Frantz wrote:
"Suitable for use as a cryptographic hash with no known preimage or
collision attacks. These attacks can damage the integrity of the log."
If taking this approach it might be useful to consider the
duration for which any such properties are desired, e.g. to
consider how that duration maps to hashes used in certificate
signing would seem like a natural enough thing to do. And it
might even be the case that such consideration provides a way
to avoid a separate registry maybe, not sure.
S.
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
