On Thursday, 1 September 2016 19:22:18 CEST Dave Garrett wrote: > On Thursday, September 01, 2016 02:30:54 pm Scott Fluhrer (sfluhrer) wrote: > > > On Thursday, 1 September 2016 12:43:31 CEST Benjamin Kaduk wrote: > > > > On 09/01/2016 12:38 PM, Hubert Kario wrote: > > > > > The SHA-3 standard is already published and accepted[1], shouldn't > > > > > TLSv1.3 include signatures with those hashes then? > > > > > > > > Why does it need to be part of the core spec instead of a separate > > > > > > document? > > > > > > because: we also are adding RSA-PSS to TLSv1.2 in this document, I don't > > > see why it needs to be delayed. Finally, TLSv1.2 added SHA-2 just like > > > that, it was not tacked on later. > > > > IIRC, SHA-2 was a special case; SHA-1 was demonstrated to be > > cryptographically weaker than expected and so we needed to have a secure > > alternative ASAP. > > > > The SHA-3 is not like that; there's no evidence that suggests that SHA-2 > > is weak; the only incentive to implementing SHA-3 is "we'll, it is a > > standard, and so we might as well support it". > The reason I see is that we currently specify exactly one valid hash > algorithm (in a variety of sizes). The precedent argument is good enough > for me. I think adding it in this document is definitely worth considering. > I don't want to wait until SHA-2 is considered weak to provide an > alternative, if we can avoid it.
I've created a PR for it: https://github.com/tlswg/tls13-spec/pull/616 I haven't changed any recommendations, the recommended hashes to implement are still SHA-2 based, and I don't think we should change that given that certificates just now are transitioning to SHA-256 because of incompatibility fears. -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls