SHA3 IANA registration - method?

Andrey Jivsov openpgp at
Fri Dec 14 18:55:46 CET 2012

On 12/14/2012 03:24 AM, Werner Koch wrote:
> On Thu, 13 Dec 2012 21:46, openpgp at said:
>> fingerprints in the same spec, this makes things easier. The issue in
>> my mind is that OpenPFP fingerprint and SHA-3 may be dependent if the
>> OpenPGP community is to adapt the hardwired SHA-3 fingerprints. In
> Which has not even be discussed.  Back when the SHA-3 process started we
> said that we will wait for the outcome of it and only then start working
> on a a new key format.  Whether this will use SHA-3 or SHA-2 needs to to
> discussed.  Given that there is no real world experience with SHA-3, we
> can't assume anything at that point.  And if we want to do go for a new
> key format I am in favor of rechartering the WG than to have the IETF
> decide on individual I-Ds for such changes.

The new key format is a much broader task. Perhaps I wasn't clear on 
what motivated my comments on fingerprints. What I meant came as a 
result of my review of the hash use in RFC 4880, done in the process of 
writing the SHA3 draft that I sent out (this analysis is summarized in 
the spec). My focus was of the weakening of security due of the SHA1 and 
its deprecation by standard bodies. The use of fingerprints in OpenPGP 
should be viewed as dependent on collision resistance of the hash 
function, in our case, unfortunately, on the collision resistance of the 
SHA1 without the path to upgrade the hash algorithm. Ideally, we should 
plan ahead and have some solution that can be slowly introduced.

With this in mind I thought that it would be reasonable to deal with 
this shorter term problem in fingerprints as a separate task. Rewriting 
the key format seems like a bigger undertaking and I am not sure that 
there is much demand for the new key format. In any case, we can wait 
with new format longer than with SHA-1 deprecation.

Thank you.

More information about the Gnupg-devel mailing list