[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: No need for SHA-2 Packet Authentication - Open Letter to the WG and Area Directors

To: RJ Atkinson <rja@xxxxxxxxxxxxxxxxxxx>
Subject: Re: No need for SHA-2 Packet Authentication - Open Letter to the WG and Area Directors
From: "Housley, Russ" <rhousley@xxxxxxxxxxxxxxx>
Date: Wed, 24 Jul 2002 14:13:03 -0400
Cc: ipsec@xxxxxxxxxxxxxxxxx, saag@xxxxxxxxxxxxxxxxx
In-reply-to: <>
References: <>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx

Ran:

We are not trying to stifle innovation, nor are we trying to suppress SHA-256.

SHA-256 has an important place, but this is not it. SHA-256 was developed to support applications that need a longer output value. SHA-1 generates a 160-bit output value. In our view, SHA-1 should be used unless a longer output value is needed. In the proposal, the hash value is truncated to 128 bits, so there is no benefit from the more complicated hash function.

I would support the use of SHA-256 if the final output were longer than 160 bits.

Russ

At 12:41 AM 7/18/2002 -0400, RJ Atkinson wrote:

On Wednesday, July 17, 2002, at 08:35 PM, Russell Dietz wrote:

To the IPSec Working Group and Security Area Directors:

The purpose of this letter is to comment on an existing Internet Draft,
draft-ietf-ipsec-ciph-sha-256-00.txt, dated Nov 2001, co-authored by S.
Frankel and S. Kelley. This draft, hereafter referred to as DRAFT-SHA-256
for brevity, defines how to use the new SHA-256 algorithm from NIST (FIPS
180-2) for packet authentication within the ESP and AH mechanisms of IPSec.

Russell,

I'm pretty indifferent to the topic of what ought or ought not be
mandatory-to-implement or maybe even standards-track RFC versus
informational RFC.  I am remarkably indifferent to any of the
mathematical parts of your note or Uri's followup.

I do feel pretty strongly that the above referenced draft ought to be
permitted to be published, at least as an Informational RFC, so that
those folks who choose to implement/deploy it can do so in an
interoperable manner.

Trying to prevent people from publishing open specifications for
entirely optional-to-implement technology is NOT consistent with
the Internet tradition.  I would hope that the RFC Editor would
apply their own good judgement to an individual request to publish
such a document as an Informational RFC if the situation should arise.

Yours,

Ran
rja@xxxxxxxxxxxxxxxxxxx


_______________________________________________
saag mailing list
saag@xxxxxxx
http://jis.mit.edu/mailman/listinfo/saag

Follow-Ups:
- Re: [saag] Re: No need for SHA-2 Packet Authentication - Open Letter to the WG and Area Directors
  - From: Uri Blumenthal

References:
- No need for SHA-2 Packet Authentication - Open Letter to the WG and Area Directors
  - From: Russell Dietz
- Re: [saag] No need for SHA-2 Packet Authentication - Open Letter to the WG a nd Area Directors
  - From: RJ Atkinson

Prev by Date: Re: Vendor Extensions
Next by Date: Re: Two AES encryption modes?
Previous by thread: Re: [saag] No need for SHA-2 Packet Authentication - Open Letter to the WG a nd Area Directors
Next by thread: Re: [saag] Re: No need for SHA-2 Packet Authentication - Open Letter to the WG and Area Directors
Index(es):
- Date
- Thread