This is a static archive of the previous Open Grid Forum Redmine content management system saved from host redmine.ogf.org file /boards/14/topics/481 at Thu, 03 Nov 2022 01:52:05 GMT SHA-1 MUST NOT be used, SHA-512 SHOULD NOT be used - Public Comments - Open Grid Forum

SHA-1 MUST NOT be used, SHA-512 SHOULD NOT be used

Added by Jim Basney about 7 years ago

The current draft says "SHA-1 or stronger MUST be used" but IGTF has now completely phased out use of SHA-1. The document should be updated to "SHA-256 or stronger MUST be used".

Also given SHA-512 compatibility issues with TLS 1.2 (https://bugzilla.mozilla.org/show_bug.cgi?id=1129083), the document should state "SHA-512 SHOULD NOT be used due to compatibility issues with current TLS 1.2 implementations."


Replies (2)

RE: SHA-1 MUST NOT be used, SHA-512 SHOULD NOT be used - Added by Jim Basney about 7 years ago

See also https://www.eugridpma.org/meetings/2015-05/summary-eugridpma-2015-05-copenhagen.txt which says:

SHA-2 implementation status
---------------------------
New developments and discussions like those held on the Mozilla NSS
bug tracker at https://bugzilla.mozilla.org/show_bug.cgi?id=1129083
have raised concerns about the long-term viability of SHA-512. Although
there are no current poignant issues, it may be advisable to
not use SHA-512 for new long-term choices, but instead use SHA-256
(or SHA-384 which is not specifically better but, it being included in
the TLS1.2 suite of digest functions is better supported).

We remind issuing authorities that
- it is now allowed and encouraged to issue SHA-2 familty CRLs
- for long lives CRLs (those issues by off-line Root CAs that are not
issuing CAs), it is RECOMMENDED to issue SHA-2 (sha256) CRLs now
- there are quite a few intermediate CAs still using SHA-1. These can
be re-issued with a new serial number (provided the end-entity EEC
certificates do not have an explicit serialNumber in their authorityKeyID)
Registration is through your PMA chair or trusted registrar

and when you are at it, new CAs should probably start using 4096-RSA bit
key pairs and sha-256 for longevity and compatibility.

RE: SHA-1 MUST NOT be used, SHA-512 SHOULD NOT be used - Added by David Groep over 6 years ago

Summarizing the Bratislava CAOPS consensus:
Updated guidance to that at least SHA-256 MUST be used, and added footnote to refer to MS KB 2973337 on SHA-51 support.

(1-2/2)

This is a static archive of the previous Open Grid Forum Redmine content management system saved from host redmine.ogf.org file /boards/14/topics/481 at Thu, 03 Nov 2022 01:52:05 GMT