On Thu, Dec 17, 2015 at 10:09 AM, Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote:
>
>
> On 17/12/15 14:58, Kathleen Moriarty wrote:
>> Kathleen Moriarty has entered the following ballot position for
>> draft-ietf-tls-cached-info-20: Yes
>>
>> When responding, please keep the subject line intact and reply to all
>> email addresses included in the To and CC lines. (Feel free to cut this
>> introductory paragraph, however.)
>>
>>
>> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
>> for more information about IESG DISCUSS and COMMENT positions.
>>
>>
>> The document, along with other ballot positions, can be found here:
>> https://datatracker.ietf.org/doc/draft-ietf-tls-cached-info/
>>
>>
>>
>> ----------------------------------------------------------------------
>> COMMENT:
>> ----------------------------------------------------------------------
>>
>> Just a quick comment, sorry for asking this late and I won't hold up on
>> it either, just want to raise the question without quite enough time to
>> research it all.
>>
>> I see the SHA-256 truncation is just 32 bits. In other applications,
>> about half is what is typically recommended. I know you are trying to
>> cut on space, but will problems arise from this shorter value?
>
> Nah, I think this one's ok. IIUC, the result of a collision is
> just a handshake fail, and then presumably recovery when they
> ditch the cached stuff. Section 5 describes this.
OK, no hold up on it, there just wasn't an explanation in the draft as
to why 32 bits was enough in section 5 (or any other).

Thanks,
Kathleen

>
> S.
>
>
>>
>>

--
Best regards,
Kathleen

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
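
The following is an added example, not part of the messages above and not code from the draft. It is a simplified model of the behaviour discussed in the thread: a 32-bit truncated SHA-256 fingerprint, the birthday estimate for accidental collisions, and a collision that ends in a failed handshake followed by recovery once the cached entry is dropped. The function names, the constructed test objects and the full-digest comparison standing in for the handshake's integrity check are assumptions.

```python
import hashlib
import math

FP_LEN = 4  # bytes: the 32-bit truncation questioned in the thread

def fingerprint(obj: bytes) -> bytes:
    """SHA-256 of the cached object, truncated to FP_LEN bytes."""
    return hashlib.sha256(obj).digest()[:FP_LEN]

def accidental_collision_probability(n: int, bits: int = 8 * FP_LEN) -> float:
    """Birthday approximation: chance that any two of n objects share a fingerprint."""
    return -math.expm1(-n * (n - 1) / 2 ** (bits + 1))

def constructed_colliding_pair(limit: int = 1_000_000):
    """Test fixture: search constructed strings for two with equal fingerprints."""
    seen = {}
    for i in range(limit):
        obj = b"constructed-object-%d" % i
        fp = fingerprint(obj)
        if fp in seen:
            return seen[fp], obj
        seen[fp] = obj
    raise RuntimeError("no collision within limit")

def handshake(cache: dict, server_obj: bytes) -> str:
    """One modelled handshake; returns 'full', 'cached' or 'failed'."""
    fp = fingerprint(server_obj)
    if fp not in cache:
        cache[fp] = server_obj  # object sent in full; client caches it
        return "full"
    # Fingerprint matched, so the object is omitted and the client uses its copy.
    # Assumption: the handshake's integrity check covers the full object.
    if hashlib.sha256(cache[fp]).digest() != hashlib.sha256(server_obj).digest():
        return "failed"
    return "cached"

def connect(cache: dict, server_obj: bytes) -> list:
    """Handshake with recovery: on failure, ditch the cached entry and retry."""
    outcomes = [handshake(cache, server_obj)]
    if outcomes[0] == "failed":
        del cache[fingerprint(server_obj)]
        outcomes.append(handshake(cache, server_obj))
    return outcomes
```
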