Date: Fri, 20 Jun 1997 16:26:16 -0700
From: David.Brownell@Eng (David Brownell)
Message-Id: <199706202326.QAA05989@argon.eng.sun.com>
To: java-security@web2.javasoft.com
Subject: Re: A very picky remark on algorithm names
I've also had the comment, from Eric Young (I forget why),
that it would be good to make "SHA0" (or "SHA-0") available.
Evidently there's some text in the DSS spec that boils down
to using the original SHA, not the revised one, so there can
still be a virtue to supporting SHA-0.
- Dave
p.s. This is another comment from Steve that reminds me
rather a lot of what I've said, too often ... :-)
> From burnettS@RSA.COM Fri Jun 20 15:25:46 1997
> From: Steve Burnett <burnettS@RSA.COM>
> To: "'JavaSoft crypto questions'" <java-security@web2.javasoft.com>
> Subject: A very picky remark on algorithm names
> Date: Fri, 20 Jun 1997 15:29:34 -0700
>
>
> This concerns the name of an algorithm listed in Appendix A of the
> Java Crypto API reference. The official name for the SHA1 digest
> algorithm is "SHA-1" and can also be called "SHA". Like I say, this is a
> picky point, but SHA and SHA1 are two different algorithms. SHA was the
> first and found to be inadequate. SHA1 improved it. Maybe it would be
> better to only allow specifically SHA1. There probably won't be
> confusion, but it might just be best to be precise.
>
> But also about that name, the "dash" between the "A" and "1" is
> inconvenient. In our implementation of crypto in Java, class names are
> based on the Strings users will pass in (it makes parsing easier and the
> library much more extensible). I imagine other providers will also want
> to base class names on the Strings, so this would probably not be a
> change that satisfies only one company.
>
> So it would be great if the name of SHA1 were "SHA1" and only that.
>
> This is related to the name "PKCS#5" to indicate a padding scheme.
> The pound sign is inconvenient (in addition to the fact that PKCS#5 is
> PBE, not just padding).
>
> --Steve Burnett
> burnetts@rsa.com
>