>Please don't respond to a digest message without fixing the Subject line >to be the subject being responded to. Thanks for the kindly reminding.
>I threw out SHA-2 as an example of what you might want to use. It was >not meant as a recommendation. Manav's message indicated that HMAC style >of these algorithms are better. Part of what we change in the protocol >would need to include a list of preferred algorithms, how to indicate >what they are (would require an IANA registry) and how to choose which >one(s) to use and which should not be used. I see. Thanks for explaining to us. My point there is that SHA-2 bears many similar designing principles with SHA-1, so that it looks a little bit unnatural to list up SHA-2 when we are leaving SHA-1, from a crypto point of view. And that is probably the one of motivations for NIST to design SHA-3, IMO. Cheers, Yang -- Yang Cui Huawei Technologies [email protected] -----Original Message----- From: Danny Mayer [mailto:[email protected]] Sent: Tuesday, December 13, 2011 9:16 PM To: Cui Yang Cc: [email protected]; NTP Working Group; David L. Mills Subject: Re: [ntpwg] NTP Extension Field without Authentication Please don't respond to a digest message without fixing the Subject line to be the subject being responded to. I threw out SHA-2 as an example of what you might want to use. It was not meant as a recommendation. Manav's message indicated that HMAC style of these algorithms are better. Part of what we change in the protocol would need to include a list of preferred algorithms, how to indicate what they are (would require an IANA registry) and how to choose which one(s) to use and which should not be used. Danny On 12/13/2011 12:13 AM, Cui Yang wrote: >> That's one possibility. Another is SHA-2. That's why we need to revisit >> the question. >> >> Danny > > SHA-2 doesn't change much from SHA-1, if only two choices available, > HMAC-SHA-1 is better than SHA-2, IMHO. > Also don't forget that SHA-3 is coming. > > I agree with Manav that an arbitrary size of MAC is preferable. > > Yang > -- > Yang Cui > Huawei Technologies > [email protected] _______________________________________________ TICTOC mailing list [email protected] https://www.ietf.org/mailman/listinfo/tictoc
