On Friday, 2 September 2016 13:42:40 CEST Ilari Liusvaara wrote: > On Fri, Sep 02, 2016 at 12:08:47PM +0200, Hubert Kario wrote: > > On Thursday, 1 September 2016 19:22:18 CEST Dave Garrett wrote: > > > The reason I see is that we currently specify exactly one valid hash > > > algorithm (in a variety of sizes). The precedent argument is good enough > > > for me. I think adding it in this document is definitely worth > > > considering. > > > I don't want to wait until SHA-2 is considered weak to provide an > > > alternative, if we can avoid it. > > > > I've created a PR for it: https://github.com/tlswg/tls13-spec/pull/616 > > > > I haven't changed any recommendations, the recommended hashes to implement > > are still SHA-2 based, and I don't think we should change that given that > > certificates just now are transitioning to SHA-256 because of > > incompatibility fears. > > Just tweaking the signatures is not enough. There is also the PRF hash, > and using weak hash there has, umm... rather bad consequences.
SHA-3 ciphersuites added -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
