Re: WG Last Call: SHA-224



This is an instance where this protocol should be a part of the IRTF since
it will likely not be used in production.

Todd

----- Original Message ----- 
From: "Peter Gutmann" <pgut001@xxxxxxxxxxxxxxxxx>
To: <ietf-pkix@xxxxxxx>; <lloyd@xxxxxxxxxxxxx>
Sent: Monday, March 29, 2004 7:36 PM
Subject: Re: WG Last Call: SHA-224


>
> Jack Lloyd <lloyd@xxxxxxxxxxxxx> writes:
>
> >If someone really wants this and wants it RFCized, then fine, I just don't see
> >the logic behind it.
>
> That's exactly what I pointed out months ago when it first came up.  It's not
> useful in any normal Internet protocol that requires key management because
> they all use the output of a PRF (usually via HMAC), it's not useful in
> signing because they use PKCS #1, but it is going to be pushed through no
> matter what, so we may as well just sit back and..., well, ignore it.  If the
> RFC were however to admit that "There's no requirement for this in any
> Internet security protocol" (or whatever the text is that gets used for other
> oddball algorithms that people do RFCs for) it'd be helpful in addressing
> arguments from people who wanted it supported just because it's mentioned in
> some RFC.
>
> Peter.
>