On 9/23/2020 9:11 PM, Donald Eastlake wrote:
Hi,
Replying on just one point:
On Mon, Sep 21, 2020 at 2:27 PM Michael StJohns <m...@nthpermutation.com> wrote:
...
2.2.4 - SHA384 has a hash length of 48 bytes. 12 bytes seems to imply
some sort of left or right truncation. Show stopper! Explain how this
value was selected and how it interacts with the native length of the
chosen hash. Note: I have no trouble with truncated hashes here, but no
modern hash has less than 20 bytes so 12 seems to be a very strange
number absent a discussion of truncated hashes.
Well, previously the draft said that the length of the digest field
must be larger than zero. Do you think that the previous text implied
you could truncate to 1 byte? There is nothing in the draft about
truncation.
No - I assumed it was the full hash. E.g. "the field can't be empty" is
somewhat equivalent to "the length of the digest field must be greater
than zero".
This is intended to prohibit any future hash algorithm specification
(which could include a truncation operation) for ZOMEND that results
in less than 12 bytes. 96 bits seems to be a common minimum length for
disgests in the IETF although perhaps I have that impression due to
the common case of SHA-1 truncated to 96 bits. However, I note that
RFC 4635 on "HMAC SHA TSIG Algorithm Identifiers", issued in 2006,
prohibits hashes less than 10 bytes or 80 bits. If the draft is going
to specify a minimum length, I think it should be at least 96 bits.
Begging still the question of whether or not the current ZONEMD hashes
can be truncated and still be acceptable as long as they're 12 bytes or
longer on production and transmission.
The language is ambiguous and could cause interoperability problems.
Something more like "The current hashes for the SIMPLE scheme all
require production and inclusion of the entire length of the hash.
Future hashes MAY be truncated, but MUST not be truncated to a length
that's less than an equivalent to 96 bits of strength - e.g. 12 bytes
for the SHA 2 and 3 family of hashes."
Later, Mike
Thanks,
Donald
===============================
Donald E. Eastlake 3rd +1-508-333-2270 (cell)
2386 Panoramic Circle, Apopka, FL 32703 USA
d3e...@gmail.com
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
