Do we need a stronger hash for In reply to? for External content hash? for the message ID?

rohanmahy commented 4 months ago

CNSA 2.0 and other security guidelines no longer recommend SHA-256.

In Reply To

Should we make the default hash SHA-384 instead of SHA-256?

External content

Should we make the default hash SHA-384 instead of SHA-256?

Message ID

Currently the Message ID is the SHA-256 of the ciphertext of the message.The goal was to have a fixed length field

Options:

Keep it SHA-256
Make is the first 32 octets of the SHA-384 hash
Make it the entire SHA-384 hash
Make it a variable length so it can grow (but need to add down negotiation prevention)

rohanmahy commented 4 months ago

The conclusion from MIMI interim on 8-May-2024 of everyone who commented was that we should ignore this issue for now and continue to use SHA-256 unless/until someone from another IETF or IRTF explains why this is necessary.

turt2live commented 4 months ago

I wasn't at the interim (sorry), but +1 to sticking with sha256 until there's a good argument otherwise.

rohanmahy commented 3 months ago

Strong consensus to keeping SHA256. Marking as closed.

ietf-wg-mimi / draft-ietf-mimi-content