Clarify "left truncated SHA-2 hash" in section on symmetric encryption

Issue #1005 resolved
Hans Zandbelt created an issue

Perhaps this is something that bothers non-native speakers only (which still makes it relevant I guess) but it seems that the native speakers I have consulted are not 100% sure either about the following:

I am not sure how to interpret the wording around how to derive the symmetric key from a client_secret in the Symmetric Encryption section of:

The encryption section talks about using a "left truncated SHA-2 hash" but to me it is not clear if that means taking the left-most bits or the right-most bits as I don't know if "left" refers to the truncation itself (truncation happens on the left side of the part that remains) or the partial hash that remains (keep the left part after truncating on the right side).

This is especially confusing for developers that have also implemented other parts like "at_hash" (or "c_hash") validation as a similar procedure is described there as "take the left-most bits" which is unambiguous to me. "left-most bits" is used in various places where at_hash and c_hash are described e.g.

I would like: a) the same language to be used across the Core spec to avoid confusion or interpretation differences. b) opt for "left-most bits" as the unambiguous language

Comments (3)

  1. Log in to comment