A very picky remark on algorithm names

Steve Burnett (burnettS@RSA.COM)
Fri, 20 Jun 1997 15:29:34 -0700

Message-Id: <c=US%a=_%p=RSA_Data_Securit%l=LOBESTER-970620222934Z-5581@LOBESTER.rsa.com>
From: Steve Burnett <burnettS@RSA.COM>
To: "'JavaSoft crypto questions'" <java-security@web2.javasoft.com>
Subject: A very picky remark on algorithm names
Date: Fri, 20 Jun 1997 15:29:34 -0700

This concerns the name of an algorithm listed in Appendix A of the
Java Crypto API reference. The official name for the SHA1 digest
algorithm is "SHA-1" and can also be called "SHA". Like I say, this is a
picky point, but SHA and SHA1 are two different algorithms. SHA was the
first and found to be inadequate. SHA1 improved it. Maybe it would be
better to only allow specifically SHA1. There probably won't be
confusion, but it might just be best to be precise.

But also about that name, the "dash" between the "A" and "1" is
inconvenient. In our implementation of crypto in Java, class names are
based on the Strings users will pass in (it makes parsing easier and the
library much more extensible). I imagine other providers will also want
to base class names on the Strings, so this would probably not be a
change that satisfies only one company.

So it would be great if the name of SHA1 were "SHA1" and only that.

This is related to the name "PKCS#5" to indicate a padding scheme.
The pound sign is inconvenient (in addition to the fact that PKCS#5 is
PBE, not just padding).

--Steve Burnett
burnetts@rsa.com