W3C home > Mailing lists > Public > public-rdf-dawg@w3.org > July to September 2011

Re: Proposal for hash functions in SPARQL 1.1

From: Sandro Hawke <sandro@w3.org>
Date: Thu, 29 Sep 2011 12:08:10 -0400
To: Andy Seaborne <andy.seaborne@epimorphics.com>
Cc: public-rdf-dawg@w3.org
Message-ID: <1317312490.31898.123.camel@waldron>
On Thu, 2011-09-29 at 15:59 +0100, Andy Seaborne wrote:
> 
> On 29/09/11 14:06, Andy Seaborne wrote:
> > Reduce the number of library (required) functions to
> >
> > Please put your (+1 | 0 | -1) on each of:
> >
> > Proposal 1:
> > SHA1
> > MD5
> >
> > Proposal 2:
> > SHA1
> > MD5
> > SHA256
> >
> > Proposal 3:
> > SHA1
> > MD5
> > SHA256
> > SHA512
> >
> > Proposal 4:
> > Other (with details)
> >
> >
> > Variations: leave the other functions in as "informative, not required"
> > and leave the keywords in the grammar.
> >
> > Andy
> >
> 
> Sandro came up with:
> 
> http://www.w3.org/TR/xmldsig-core2/#sec-MessageDigests
> 
> which mentions certain SHAx algorithms so it gives us an external 
> reason for choosing a certain set:
> 
> Proposal 5:
> MD5
> SHA1
> SHA256
> SHA512
> SHA384
> SHA512
> 
> (i.e. remove SHA224, but that's the problmeatic one for the commenter 
> (Jeen) because it's not in the core Java runtime).

You also include SHA512 twice, making the list look longer!  :-)

Also, I was advised against including MD5 -- as the earlier xmldsig
advises -- because of known security problems with it.  I guess the
theory is that it's important to steer people away from technology that
looks secure but isn't.   (The counter-argument is that some people
still use it.  But maybe should let that be entirely on them.)

   -- Sandro

> http://download.oracle.com/javase/7/docs/api/
> http://download.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#MessageDigest
> 
> Do any programming languages have problems with this set?
> 
> 	Andy
> 
> 
Received on Thursday, 29 September 2011 16:08:18 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 16:15:46 GMT