Hi Thomas, From: iesg <iesg-boun...@ietf.org> On Behalf Of Thomas Fossati Sent: 18 July 2022 18:42 To: Peter Saint-Andre <stpe...@stpeter.im>; Rob Wilton (rwilton) <rwil...@cisco.com>; The IESG <i...@ietf.org> Cc: draft-ietf-uta-rfc7525...@ietf.org; uta-cha...@ietf.org; uta@ietf.org; le...@sunet.se Subject: Re: [Uta] Robert Wilton's Discuss on draft-ietf-uta-rfc7525bis-09: (with DISCUSS and COMMENT)
Hi Rob, Peter, On Thursday, 14 July 2022 at 16:07, Peter Saint-Andre <stpe...@stpeter.im<mailto:stpe...@stpeter.im>> wrote: > On 7/14/22 3:37 AM, Robert Wilton via Datatracker wrote: > > (4) > > When using RSA, servers MUST authenticate using certificates > > with at least a 2048-bit modulus for the public key. In > > addition, the use of the SHA-256 hash algorithm is RECOMMENDED > > and SHA-1 or MD5 MUST NOT be used ([RFC9155], and see > > [CAB-Baseline] for more details). > > > > So, for clarity, this would presumably mean that SHA-256 is also > > preferred over say SHA-512? Is that the intention? Or would it be > > better if the SHOULD allowed stronger ciphers? > > I think we should probably say "SHA-256 or stronger", but again I'd > like to see what my co-authors think. My two cents on this point. Readers are always free to choose stronger algorithms if they want to. However, in this case I don't see a good reason for doing so: if your threat model involves an adversary with a quantum computer, 256 is as good as 384 or 512, but it's more concise. So, if your cert is short-lived, going higher than 256 does not provide any real advantage. If one's cert's notAfter is distant enough that they should start worrying about the reality of a quantum adversary, then I think the whole advice in this section would need a massive revamp :-) Okay. Thanks for checking. I'm happy to regard this point as closed. Regards, Rob cheers, t IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
_______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta
