On Fri, Oct 02, 2009 at 06:14:47PM +0100, Alexey Melnikov wrote:
> On Thu, Sep 24, 2009 at 2:22 AM, Ben Campbell <ben@xxxxxxxxxxxx> wrote:
> > I'm no crypto expert, so please forgive me if this is silly--but isn't there
> > a movement to phase out sha-1? If so, should that be the default "must
> > implement" hash for a new mechanism?
>
> My understanding is that use of SHA-1 under HMAC is still considered reasonable.
> The WG debated at length use of SHA-1 versus use of SHA-256, etc. and decided
> to proceed with SHA-1, because it is more frequently implemented in libraries
> and hardware.

This matter has come up elsewhere, such as in the KRB-WG. NIST has not
obsoleted the use of HMAC-SHA-1, though I don't have a reference handy
at the moment (but a quick search of the KRB-WG mailing list and, maybe,
the krbdev@xxxxxxx list should yield one).

> > -- 1.2, last bullet:
> >
> > What is the referent for "this"? Is there perhaps a missing word(s), or
> > maybe this paragraph belongs with the previous bullet?
>
> The latter. (This == Hi())

Incidentally, Hi() should be shown as taking the iteration count as an
argument.

Nico