Re: Removing SHA-224 from Ryan Sleevi on 2014-02-13 (public-webcrypto@w3.org from February 2014)

From: Ryan Sleevi <sleevi@google.com>
Date: Thu, 13 Feb 2014 09:06:38 -0800
To: Richard Barnes <rbarnes@mozilla.com>
Cc: Alexey Proskuryakov <ap@webkit.org>, Israel Hilerio <israelh@microsoft.com>, "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Message-ID: <CACvaWvazt6RbRW+2garAdBGUFK6b4Ce1T0+vqFJaNQm1PO+ROQ@mail.gmail.com>

On Feb 13, 2014 7:03 AM, "Richard Barnes" <rbarnes@mozilla.com> wrote:
>
> On 2/13/14, 12:28 AM, Ryan Sleevi wrote:
>>
>> Are there any objections for removing SHA-224?
>
>
> Not from me.
>
>
>
>> I note, for example, that Microsoft has chosen not to implement SHA-224.
>> It provides less security as SHA-256, but at the same performance cost.
>>
>> I'm trying to think of a compelling reason for implementors to implement
>> SHA-224, and I can't find one, other than for completion sake. Do we
>> have any use cases for it?
>
>
> Just to be clear, leaving it in wouldn't compel implementors to implement
it, right?
>
> "[This] specification does not dictate a mandatory set of algorithms that
MUST be implemented."

No. But it would bloat the spec needlessly and give people a false
impression regarding how likely their chosen algorithm is or is not to be
implemented.

This is the same argument for not including SEED or GOST. Yes, we can
enumerate every possible algorithm, but before hitting PR we'd be removing
them. I can see no benefit to leaving it in - only harm - if no one plans
to implement.

Received on Thursday, 13 February 2014 17:07:05 UTC