On Sat, Dec 5, 2020 at 6:58 AM Salz, Rich <rsalz=40akamai.com@xxxxxxxxxxxxxx> wrote:
There is a fair amount of academic study around SipHash, and while everyone can make mistakes, its creators have a pretty good reputation. I don't think we can say SipHash is unknown in the industry.
The TLSWG made it a practice to ask CFRG to "approve" all crypto it used (except perhapd HKDF, but that's a side note). The DNSOP has no such practice.
I recognize that this is a bigger issue, but I believe this should be the practice for the IETF as a whole and I would encourage the SEC ADs to work to make it so.
-Ekr
If SECDIR or the Ads thinks SipHash isn't good, it would be great to hear reasons. I haven't heard any yet.
_______________________________________________
DNSOP mailing list
DNSOP@xxxxxxxx
https://www.ietf.org/mailman/listinfo/dnsop
-- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
