W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2005

Re: Broken SHA-1

From: Andy Philips <Andy.Philips@oracle.com>
Date: Wed, 16 Feb 2005 15:51:27 -0800
Message-ID: <029801c51482$720177d0$ea562382@us.oracle.com>
To: "John Messing" <jmessing@law-on-line.com>, "Manoj K. Srivastava" <manoj@infomosaic.com>
Cc: <w3c-ietf-xmldsig@w3.org>

Or multiple digest formats for one message as it seems unlikely (although
not impossible until proven otherwise ;) that two digests could be broken in
the same attack.

----- Original Message ----- 
From: "John Messing" <jmessing@law-on-line.com>
To: "Manoj K. Srivastava" <manoj@infomosaic.com>
Cc: <w3c-ietf-xmldsig@w3.org>
Sent: Wednesday, February 16, 2005 2:42 PM
Subject: RE: Broken SHA-1


>
> Or alternatives to digest algorithms entirely, since they all may be
> subject to the same attacks, over time.
>
> > -------- Original Message --------
> > Subject: Broken SHA-1
> > From: "Manoj K. Srivastava" <manoj@infomosaic.com>
> > Date: Wed, February 16, 2005 12:09 pm
> > To: w3c-ietf-xmldsig@w3.org
> >
> > Does the standards body have any plans to allow any alternate digest
> > algorithm?
> >
> >
> >
> > http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
> >
> >
> >
> > Regards,
> >
> > Manoj K. Srivastava
> > Infomosaic Corporation
> > 2118 Walsh Avenue, Suite 200
> > Santa Clara, CA 95050
> > Voice: (408) 988-4337
> > Fax:   (408) 516-9427
> >  <http://www.infomosaic.net/>
> >
> > Confidentiality Notice: This e-mail message, including any attachments,
is
> > for the sole use of the intended recipient(s) and may contain
confidential
> > and/or privileged information. Any unauthorized review, use, disclosure
or
> > distribution is prohibited. If you are not the intended recipient,
Please
> > contact the sender by reply e-mail and destroy all copies of the
original
> > message.
>
>
>
Received on Thursday, 17 February 2005 09:28:04 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.30 : Thursday, 17 February 2005 09:28:05 GMT