Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

blake2b algorithm identifier #364

Closed
pwinckles opened this issue Jul 26, 2019 · 6 comments · Fixed by #379
Closed

blake2b algorithm identifier #364

pwinckles opened this issue Jul 26, 2019 · 6 comments · Fixed by #379
Assignees
@ahankinson
Labels
OCFL Object
Milestone
1.0

Comments

@pwinckles
Copy link

blake2b is listed in the digest algorithm table, but the output size is not specified. The notes say "full-length form only," which I assume means blake2b-512. For the sake of clarity and interpretability, I think it would be useful to use the complete identifier.
@pwinckles
Copy link
Author

I haven't gotten around to making the pull request yet, but, in light of the inventory size concerns discussed in #367, perhaps multiple different blake2b output sizes should be supported?

@zimeon
Copy link
Contributor

zimeon commented Sep 13, 2019

RFC7693 sec 4 "Standard Parameter Sets and Algorithm Identifiers" suggests identifiers id-blake2b512, id-blake2b256, and id-blake2b160. I don't like the id- prefix and am not really sure how standard its use it. However, I tend to agree with @pwinckles that we should use identifiers with an explicit length designation. Based on possible use cases with many versions where inventory size may be a concern (see #367) it may be worth including shorter versions, perhaps down to id-blake2b160 which has a digest of 20 bytes and hence 40 hex digits (rather than 128 digits for id-blake2b512 and sha512)

@jrochkind
Copy link

If multiple sizes were to be supported, would you expect the client reading blake2b digests would know which size were used simply by looking at the size of the output hex-encoded digest? Or would that be indicated by different values used to specify different sizes? That seems inadvisable.

Ref #371, I think the left column table of digests is meant to be a controlled vocabulary of digests, so if you wanted metadata to say what bytesize blake2b were used, I guess you'd need to list each allowed byte size in that table, with a string indicating it.

@eocarragain
Copy link

multihash may be relevant here, but perhaps too untested/niche for use in OCFL?

@ahankinson
Copy link
Contributor

We looked into multihash, but felt that it introduced a dependency into the stack that detracted from the interoperability of using 'pure' hash algorithms. One of the design parameters for OCFL is that it should be usable in a default OS installation, with some built-in future-proofing (shasum is a common utility now, but it's likely that the blake CLI utilities will be more widely available soon. b2sum has been added as part of the GNU coreutils, but I don't think it's trickled down to all the distros yet).

@rosy1280 rosy1280 added this to the 1.0 milestone Oct 2, 2019
@ahankinson ahankinson self-assigned this Oct 2, 2019
@rosy1280
Copy link
Contributor

rosy1280 commented Oct 2, 2019

refs #371

ahankinson added a commit that referenced this issue Oct 2, 2019
@ahankinson
Fixed: clarify blake2b-512 for digest algorithm
9b5e858 
Fixes #364
@ahankinson ahankinson mentioned this issue Oct 2, 2019
Merged
julianmorley pushed a commit that referenced this issue Oct 2, 2019
@ahankinson @julianmorley
Digest algorithms (#379)
433e8f2 
* Fixed: clarify definition and usage of digests

Adds clarifying language around how the values given in the digests table should be used.

Fixes #371

* Fixed: clarify blake2b-512 for digest algorithm

Fixes #364

* Fixed: consistency

* Fixed: Add extensions clarification

* Fixed: Remove empty href
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ahankinson ahankinson

Labels
OCFL Object
Projects
None yet
Milestone
1.0
Development

Successfully merging a pull request may close this issue.

Digest algorithms OCFL/spec
6 participants
@rosy1280 @jrochkind @ahankinson @zimeon @eocarragain @pwinckles