Opened 8 years ago

#1 new defect

Determine Algorithm Agility in digest-update

Reported by: ynir@… Owned by: draft-ietf-httpauth-digest-update@…
Priority: major Milestone:
Component: digest-update Version:
Severity: Active WG Document Keywords: algorithm agility
Cc:

Description

In the -00 version of the draft, there are 5 supported algorithms: MD5, SHA1, SHA256, SHA384, SHA512.

Some (Stephen F, Manu S, Paul H, PHB) contend that this is too many.
PHB would also like to see older, less secure algorithms (MD5,SHA1?) removed, and have maybe two algorithms (SHA2-256 and SHA3-256)
Perhaps with the existence of SHA3 we should use "SHA2-256" for the SHA2 algorithm rather than "SHA256".

Anyway, we should reach consensus, and that is what this issue is about

Change History (0)

Note: See TracTickets for help on using tickets.