[cabfpub] SHA-1 Collision Found
agl at google.com
Fri Feb 24 20:11:25 UTC 2017
On Fri, Feb 24, 2017 at 12:03 PM, Rob Stradling <rob.stradling at comodo.com>
> Hi Adam. I agree that having more options just for the sake of having
> more options isn't actually helpful. Enough options to achieve sufficient
> diversity is enough.
> How much do we care about NIST's blessing these days?
(Much, much less than a decade ago?)
> EdDSA/Curve25519/etc isn't a NIST product.
Is there a case for using BLAKE2 for certificate signatures _instead_ of
> using SHA-3?
> Performance does matter for other uses of hash algorithms, so why not
> settle on using BLAKE2 for everything (and not implement SHA-3 at all)?
Frankly, I'm up for it :) But the bulk of this work isn't getting browsers
to support something, it's getting the long-tail of devices to support
something and the pressure that we'll have to exert to make it happen. They
might get more upset at BLAKE2 than something with a NIST stamp on it.
(Although, I was just about to note that they often use OpenSSL and OpenSSL
surely will support SHA-3 before BLAKE2. But it appears I'm wrong and
OpenSSL has had BLAKE2 for nine months and still lacks SHA-3?)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public