- From: Joseph Ashwood <jashwood@arcot.com>
- Date: Wed, 4 Apr 2001 12:15:30 -0700
- To: <w3c-ietf-xmldsig@w3.org>
The desire for RIPEMD series hashs is extremely rare, or least has been in my experience. It has been my experience that at the various sizes the preferred algorithms are MD5 (128), SHA-1 (160), Tiger-192, SHA-256, SHA-384, SHA-512, very few people seem to even consider going larger than SHA-512. So I don't think there's any real need to create a unified directory of any more than those. Recently I've noticed an increase of desire for hash mode cipher functions, so we may want to consider having at least token support for them, I personally don't appreciate them, I have generally found that they are easier to attack, or at least as slow as a dedicated hash function, but some people swear by them (although I do admit I appreciate some of the provable aspects of them). Personally I'd say we should include those before we go about including RIPEMD, Whirlpool, etc, simply because it is more likely that someone will desire them (although in the next few years Whirlpool will probably be named the Cryptonessie hash function, so it may come into demand). Joe ----- Original Message ----- From: "Tom Gindin" <tgindin@us.ibm.com> To: "Glenn Adams" <gadams@vgi.com> Cc: "Brian LaMacchia" <bal@microsoft.com>; <w3c-ietf-xmldsig@w3.org> Sent: Tuesday, April 03, 2001 9:00 PM Subject: Re: XML DSIG Algorithm URNs > > Brian's point about defining URN's for the new extended SHA's is still > appropriate, even assuming that we include support for MD5 and RSA/MD5. > Should we include RIPEMD-160 (and perhaps RIPEMD-128) as well? They are > not mandatory to implement, of course. > > Tom Gindin > > > "Glenn Adams" <gadams@vgi.com>@w3.org on 04/03/2001 08:35:59 PM > > Sent by: w3c-ietf-xmldsig-request@w3.org > > > To: "Brian LaMacchia" <bal@microsoft.com> > cc: <w3c-ietf-xmldsig@w3.org> > Subject: Re: XML DSIG Algorithm URNs > > > We are also using SHA-1 (and recommend it as a preference), but need to use > MD5 > for compatibility with certain existing practice as well; that is, we have > certain legacy issues we must contend with. It seems to us that XML DSIG > should > recognize the continued use of these legacy algorithms even if they are not > recommended. > > Regards, > Glenn > > ----- Original Message ----- > From: "Brian LaMacchia" <bal@microsoft.com> > To: "Glenn Adams" <gadams@vgi.com> > Cc: <w3c-ietf-xmldsig@w3.org> > Sent: Tuesday, April 03, 2001 12:52 PM > Subject: RE: XML DSIG Algorithm URNs > > > > We didn't define URLs for MD5 because the crypto community has moved > > away from using or recommending MD5 in any new standard over the past > > few years, and thus there wasn't anyone pushing for use of MD5 with > > XMLDSIG. Why are you specifying use of MD5 in a new standard? > > Shouldn't you be using at least SHA-1? Along these lines, the request I > > expected to see is for XMLDSIG to specify URLs for SHA-256, SHA-384 and > > SHA-512. > > > > Note: I'm not saying we shouldn't specify an URL for MD5 and > > RSA-MD5-PKCS1v1.5, just questioning your reliance on it in a new > > standard. However, if we are going to open up the URL list then we > > should definitely add SHA-256, -384 and -512 to the list. > > > > --bal > > > > -----Original Message----- > > From: Glenn Adams [mailto:gadams@vgi.com] > > Sent: Monday, April 02, 2001 6:11 PM > > To: w3c-ietf-xmldsig@w3.org > > Subject: XML DSIG Algorithm URNs > > > > > > The ATSC (Advanced Television Systems Committee) DASE (DTV Application > > Software > > Environment) is expected to normatively reference the XML DSIG > > recommendation (hopefully to be finalized very soon). > > > > It is a requirement of DASE to support MD5 as a message digest algorithm > > as well as MD5 with RSA Encryption as a signature algorithm, and thus we > > need URNs to refer to these algorithms. We note that XML DSIG does not > > presently define a URN for either of these algorithms. Therefore, we > > request that the XML DSIG group add URNs for these algorithms, e.g., > > > > http://www.w3.org/2000/09/xmldsig#md5 > > http://www.w3.org/2000/09/xmldsig#rsa-md5 > > > > If XML DSIG doesn't define these, we will have to define our own URNs; > > however, given the very high likelihood of the use of these two > > algorithms, we believe it would be in the best interest of the XML DSIG > > user community to have W3C specify these URNs. > > > > Regards, > > Glenn Adams > > Chair, ATSC T3/S17 DASE Specialist Group > > > > > > > > > > >
Received on Wednesday, 4 April 2001 15:17:02 UTC