At Mon, 3 Mar 2008 07:44:00 -0800, Paul Hoffman wrote: > > At 3:06 PM +0100 3/3/08, Denis Pinkas wrote: > > >> >While I welcome this draft, everybody should take into > >>>>consideration that, if the SHA2 family happens to be broken > >>>>then we will be at risk. > >>>>This should be mentioned into the security considerations section. > >>> > >>>If an algorithm is cracked then isn't it obvious that we're in trouble? No > >>>other algorithm document I could find says something like this so I'm > >>>inclined to not include this in the security considerations section. > >> > >>... or anywhere else. If any algorithm (hash, encryption, signing, > >>...) is broken, it is broken. Sean's right here. > > > >The message is the following: if the SHA2 family is broken, then you > >had better > >to use two hash algorithms from a different family (e.g. use Whirlpool). > > There is no consensus in the IETF that this statement is true. We > have discussed it many times for many years. Adding such a sentence > to this document without community agreement is wrong. I agree with Paul that there is no consensus here. -Ekr _______________________________________________ IETF mailing list IETF@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf