Hi Eliot, Thanks for your review and comments. On Sat, Oct 5, 2024 at 6:01 AM Eliot Lear <lear@xxxxxxx> wrote: > > I support publication of this draft as an RFC. However, I have several comments that I would suggest the authors address prior to publication: > > While the security considerations make clear the difference between this and a cryptographic hash, I have a concern that the algorithm might be applied in inappropriate situations. Therefore, I would ask that the introduction include some applicability discussion with some formal analysis. This could be an expansion of the third paragraph of when the hash should NOT be used. Sure, adding some word on applicability in the Introduction seems reasonable. I'll see what we can come up with. And I can imagine a "formal analysis" as to the applicability of FNV to some particular problem. But I don't really know what a formal analysis of general applicability would be. Could you point to a couple of examples of the sort of analysis you are looking for? > I'm not a fan of dropping C code into RFCs, because if a bug is found, implementers need to understand our errata system, assuming an erratum is even filed. I'd suggest a reference. There currently isn't any other place under I* control with the permanence of an RFC. Having reference code in an RFC has worked well at least in a number of cases with which I have experience. > While the history of the work is fine to have in the draft, I would move it down to the last paragraph of the intro. That way the reader gets to the point of the work faster. OK, I think that one paragraph can be moved down. Thanks, Donald =============================== Donald E. Eastlake 3rd +1-508-333-2270 (cell) 2386 Panoramic Circle, Apopka, FL 32703 USA d3e3e3@xxxxxxxxx > Regards, > > Eliot -- last-call mailing list -- last-call@xxxxxxxx To unsubscribe send an email to last-call-leave@xxxxxxxx
