[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D ACTION:draft-ietf-pkix-certstore-http-01.txt

To: ietf-pkix@xxxxxxx, tomasg@xxxxxxx
Subject: Re: I-D ACTION:draft-ietf-pkix-certstore-http-01.txt
From: pgut001@xxxxxxxxxxxxxxxxx (Peter Gutmann)
Date: Fri, 11 Jan 2002 16:38:02 +1300 (NZDT)
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxxxxxxx

Tomas Gustavsson <tomasg@xxxxxxx> writes:

>How much space is saved by only using 128 bits from the SHA1 hash?

The short answer is: It's quite significant (even 128 bits is far larger than
is optimal, but I figured that was the lower bound of what I could get away
with.  64 bits would be better).  The space saving on disk is irrelevant,
what's significant is the space in indices.  The less keys you can fit per
page, the more pages the index consumes, and the worse performance gets.
That's still not the full answer, for that I'd recommend any book on database
design, or the paper I reference in the draft which looks at this in some
detail.

>Is the added chance of collision insignificant when truncating the hash?

Yes.  I doubt there are more than about 2^20 certs in the whole world, let
alone 2^64.

Peter.

Follow-Ups:
- Re: I-D ACTION:draft-ietf-pkix-certstore-http-01.txt
  - From: Michael Ströder

Prev by Date: Re: I-D ACTION:draft-ietf-pkix-certstore-http-01.txt
Next by Date: Re: I-D ACTION:draft-ietf-pkix-certstore-http-01.txt
Previous by thread: Re: I-D ACTION:draft-ietf-pkix-certstore-http-01.txt
Next by thread: Re: I-D ACTION:draft-ietf-pkix-certstore-http-01.txt
Index(es):
- Date
- Thread