Re: [pkcs11] Proposal: CKM_SHA512_224, CKM_SHA512_256, CKM_SHA512_T

[Andrey Jivsov <Andrey_Jivsov@symantec.com>]

On 08/05/2013 06:20 PM, Michael StJohns wrote:
> There's some disconnect going on here.  SHA1 has been 
> deprecated/prohibited only for signatures, it's still permitted for 
> general hashes, KDFs, PRFs and HMACs.  So for the current document, 
> its perfectly acceptable to talk about 160 bit lengths.

For non-digital signature uses (i.e. for applications that don't depend 
on collision resistance) there is no known weakness in SHA-1. These 
applications can continue using SHA-1. There won't be a compliance issue 
regarding this (again, in non-digital signature applications).

The question remains: where would SHA-512/160 be needed today and in the 
future? I don't see such a use.