[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
response to Last Call on: IP Authentication using Keyed MD5
>
> It appears that all that is needed to incorporate Hugo's suggestion is
> a change of a line or two of the MD5 AH draft to specify that the
> prepended part of the key be padded out with a 1 bit and some number
> of 0 bits to 512 bits. Am I correct on this, Hugo?
Right, that's the only change to the calculation description.
>
> Given the simplicity of this change, I'm inclined to see if we can
> insert it before RFC publication, in spite of the late timing. Again,
> this depends on what my co-authors say and on general consensus.
I am not sure if draft draft-ietf-ipsec-ah-md5 is needed anymore. The
mandatory function for implementation can be specified in Atkinson's
draft-ietf-ipsec-auth by referencing a protocol-independent description of
the function as done in draft-krawczyk-keyed-md5 or similar document.
>
> It would also be nice if Hugo were to post a message explaining the
I hope the message I sent an hour ago will help in this regard.
> rationale for this in approximate laymans terms. (I'd still like him
> to write the language to insert but I don't have much hope that he'll
> do it.)
I have contributed text by posting draft-krawczyk-keyed-md5. Contributing
to draft-ietf-ipsec-ah-md5 would mean for me changing it to the language
used in my draft.
Hugo
>
> Perry