[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: response to Last Call on: IP Authentication using Keyed MD5
Dear Perry,
I think it is wrong to characterize Hugo as jumping into this at the
last minute: Hugo has been trying, unsuccessfully, to get the MAC mechanism
straightened out for a very long time. When you say "PLEASE DONT EVER
DO THIS AGAIN!" you do Hugo (and the community) an injustice.
Your note suggests that the "correct" model is to have the more
knowledgeable scientists press less knowledgeable authors to insert
bits of language into their documents. This will never work to yield
good cryptographic architecture or mechanisms. In this case the entire
MD5 MAC document was in need of being redone (e.g. a transform was not
even cleanly (use-independently) specified).
Your final remark characterizes Hugo's Internet Draft as a "technical
correction" (which is unjust) and suggests that there will be ample
opportunities to absorb such "corrections" in the future (a prospect I
find extremely unlikely).
Phil Rogaway