On Thu, Jun 28, 2012 at 09:03:22PM -0400, Ted Unangst wrote: > On Fri, Jun 29, 2012 at 10:17, Darren Tucker wrote: [...] > > Using the names hmac-sha2-256-96 and hmac-sha2-512-96 is a violation of > > the spec since that namespace is managed by IANA. They could be > > implemented as vendor extensions (hmac-sha2-256...@openssh.com and > > hmac-sha2-512...@openssh.com). > > Any reason to do so?
Not that I know of. I'm not say we should do this, but rather was answering the question of protocol compliance. > Are the truncated hashes particularly beneficial? Apparently the working group didn't think they were. The original justification[1] was "The truncated -96 OPTIONAL forms are present to allow applications which may be space restricted to still interoperate and make use of the new hashes." [1] http://tools.ietf.org/rfcdiff?url2=draft-dbider-sha2-mac-for-ssh-06 -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.