On 17/12/15 14:58, Kathleen Moriarty wrote:
> Kathleen Moriarty has entered the following ballot position for
> draft-ietf-tls-cached-info-20: Yes
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-tls-cached-info/
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> Just a quick comment, sorry for asking this late and I won't hold up on
> it either, just want to raise the question without quite enough time to
> research it all.
>
> I see the SHA-256 truncation is just 32 bits. In other applications,
> about half is what is typically recommended. I know you are trying to
> cut on space, but will problems arise from this shorter value?

Nah, I think this one's ok. IIUC, the result of a collision is just a
handshake fail, and then presumably recovery when they ditch the cached
stuff. Section 5 describes this.

S.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls