[mdx] Joe on 3.1.1

Leif Johansson leifj at sunet.se
Sat Nov 2 13:59:15 PDT 2013


On 09/26/2013 10:18 PM, Tom Scavo wrote:
> On Thu, Sep 26, 2013 at 10:03 AM, Ian Young <ian at iay.org.uk> wrote:
>>> Responders MUST support the MD5 (transformation indicator 'md5') and
>>> SHA-1 (transformation indicator 'sha1')
>> There was some discussion on whether this was desirable.  Leif wanted case-insensitivity, for robustness, but Scott disagreed:
>>
>>> I'd prefer not. URLs are case sensitive, and I'd rather not introduce
>>> folding requirements.
>> My remarks: I side with Scott on this one and unless Leif has strong feelings I think we'll take that as it stands.
> +1
no strong feelings
>
>> The other observation I'd make is that there's no justification in the present text for making two transformation indicators MTI. I guess one might have a very small performance benefit over the other, but if there is no security implication then why wouldn't every client just pick the shorter/faster one?  Likewise if there is no visible performance benefit but a security consideration why wouldn't every client just pick the more secure one?
> Well, I've already implemented this, so I'll share my "lessons
> learned." I started with MD-5 since there wasn't a security concern
> (AFAICT) and since an MD-5 hash was shorter and therefore more usable.
> Later I switched to SHA-1 for the same reason some people run their
> entire web site over SSL/TLS, that is, a naive user will come to
> believe it is more secure. I kick myself for falling into that trap,
> however, and I often think I should go back to MD-5. Take it FWIW.
>
>> I'd also like to raise a specific *disadvantage* of having two MTI algorithms, which is that it means that a system which caches results (whether in the conventional sense or just by pre-computing signed documents and stashing them in files called md5-f3678248a29ab8e8e5b1b00bee4060e0.xml) has to construct two indices, or alias one set of keys to the other.
> I must be missing something. The mapping from entityID to filename
> happens on the server side. The end client doesn't get to choose the
> encoding scheme. That is an opaque implementation choice.
>
>> Without some guidance as to how to pick which of the two MTI algorithms, I propose that we should in fact just pick one algorithm. Please comment on this idea, along with which algorithm you think we should pick if you think we should pick just one.
> As I said, I don't see why it matters, but if I'm wrong, and I have to
> pick one, I would choose SHA-1 for the illusion of security it
> provides (but I would do so kicking and screaming the entire way).
>
>> If we were picking just one, of course, there's no rule that says that we'd have to pick either MD5 or SHA-1. If we thought that there was a potential security issue being surfaced, we could also just pick SHA-256.
> <sigh> ;-)
>
> Tom
> _______________________________________________
> mdx mailing list
> mdx at lists.iay.org.uk
> http://lists.iay.org.uk/listinfo.cgi/mdx-iay.org.uk
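The thread's two technical points, that the entityID is hashed without case folding and that a server which pre-computes documents has to index them under every MTI transformation, can be shown in a few lines. The following is an added example, not code from the mdx list or from any MDQ implementation; it assumes a cache filename convention modelled on the `md5-<hex>.xml` example in Ian's mail, uses constructed entityIDs and placeholder document bytes, and does not claim to reproduce the exact request syntax of the draft.

```python
import hashlib
from typing import Dict, Optional, Tuple

# The two transformation indicators under discussion, mapped to hash constructors.
TRANSFORMS = {
    "md5": hashlib.md5,
    "sha1": hashlib.sha1,
}


def transformed_id(indicator: str, entity_id: str) -> str:
    """Hex digest of the entityID under the named transformation.

    The entityID is hashed byte-for-byte as UTF-8 with no case folding, so
    two entityIDs differing only in case produce different identifiers
    (the behaviour Scott argues for: URLs are case sensitive).
    """
    try:
        ctor = TRANSFORMS[indicator]
    except KeyError:
        raise ValueError(f"unsupported transformation indicator: {indicator!r}")
    return ctor(entity_id.encode("utf-8")).hexdigest()


def cache_filename(indicator: str, entity_id: str) -> str:
    # Assumed convention for this example, patterned on Ian's
    # "md5-f367...e0.xml" illustration; not a rule of the protocol.
    return f"{indicator}-{transformed_id(indicator, entity_id)}.xml"


class PrecomputedCache:
    """Server-side store of one pre-signed document per entityID.

    Because both indicators are MTI, a request may arrive with either one, so
    each document is indexed under every transformation. This is the "two
    indices, or alias one set of keys to the other" cost raised in the thread.
    """

    def __init__(self, documents: Dict[str, bytes]):
        self._docs = dict(documents)
        # (indicator, hexdigest) -> entityID
        self._index: Dict[Tuple[str, str], str] = {}
        for entity_id in self._docs:
            for indicator in TRANSFORMS:
                self._index[(indicator, transformed_id(indicator, entity_id))] = entity_id

    def index_size(self) -> int:
        return len(self._index)

    def resolve(self, indicator: str, digest: str) -> Optional[Tuple[str, bytes]]:
        """Resolve a request carrying an indicator and a hex digest.

        Comparison is exact; no folding is applied anywhere, matching the
        thread's preference. Returns (entityID, document) or None.
        """
        entity_id = self._index.get((indicator, digest))
        if entity_id is None:
            return None
        return entity_id, self._docs[entity_id]


# Constructed sample data: placeholder entityIDs and document bytes.
SAMPLE_DOCS = {
    "https://idp.example.org/idp/shibboleth": b"<EntityDescriptor entityID='idp'/>",
    "https://sp.example.net/shibboleth": b"<EntityDescriptor entityID='sp'/>",
}


if __name__ == "__main__":
    cache = PrecomputedCache(SAMPLE_DOCS)
    for eid in SAMPLE_DOCS:
        for ind in TRANSFORMS:
            print(cache_filename(ind, eid), "->", eid)
    print("index entries:", cache.index_size())
```

Running the block lists four filenames for two entities, which is exactly the doubling Ian describes; a server choosing a single MTI transformation would need only one index.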