draft-bryan-http-digest-algorithm-values-update-00 open issues from Alfred HÎnes on 2009-10-06 (ietf-http-wg@w3.org from October to December 2009)

From: Alfred HÎnes <ah@TR-Sys.de>
Date: Tue, 06 Oct 2009 23:21:16 +0000
To: anthonybryan@gmail.com
Cc: ietf-http-wg@w3.org
Message-Id: <200910062319.BAA07410@TR-Sys.de>

draft-bryan-http-digest-algorithm-values-update-00 says:

>  Known issues concerning this draft:
>
>  o  Current registry: MD5 lists both RFC1521 and RFC20456 for base64
>     encoding.  Should this draft update it to refer to just one?

Update: Yes.
To one of these: Nope.
   Use RFC 4648 for base64 outside the narrow scope of email/MIME !
   (But triply cross-check the line length and folding requirements!)

>  o  Current registry: SHA link (
>     http://csrc.nist.gov/fips/fip180-1.txt ) is no longer valid.
>     Should this draft update it?

Yes.  (Increase the utility of the registry for its users.)

>  o  If we update SHA in the registry, should this draft refer to SHS
>     or RFC3174?

If you want to be conservative, use RFC 3174;
otherwise point to the current version of the SHS, FIPS 180-3.

Since the latter is a current standard, other WGs in the IETF
now are used to quote FIPS 180-3, e.g. PKIX, SMIME, TLS, etc.

Doing so has the additional benefit of re-using the citation
needed for the SHA-2 family anyway, keeping the draft shorter!  :-)


Btw: Can you avoid that weird line folding in the Ref. entry [SHS]:

|                                                    <htt
|   p://csrc.nist.gov/...


Kind regards,
  Alfred HÎnes.

-- 

+------------------------+--------------------------------------------+
| TR-Sys Alfred Hoenes   |  Alfred Hoenes   Dipl.-Math., Dipl.-Phys.  |
| Gerlinger Strasse 12   |  Phone: (+49)7156/9635-0, Fax: -18         |
| D-71254  Ditzingen     |  E-Mail:  ah@TR-Sys.de                     |
+------------------------+--------------------------------------------+

Received on Wednesday, 7 October 2009 06:53:36 UTC