[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

response to Last Call on: IP Authentication using Keyed MD5

To: perry@imsi.com
Subject: response to Last Call on: IP Authentication using Keyed MD5
From: hugo@watson.ibm.com (H.Krawczyk)
Date: Fri, 30 Jun 1995 17:29:22 -0400
Cc: hugo@watson.ibm.com, ipsec@ans.net



 >
 > It appears that all that is needed to incorporate Hugo's suggestion is
 > a change of a line or two of the MD5 AH draft to specify that the
 > prepended part of the key be padded out with a 1 bit and some number
 > of 0 bits to 512 bits. Am I correct on this, Hugo?

Right, that's the only change to the calculation description.

 >
 > Given the simplicity of this change, I'm inclined to see if we can
 > insert it before RFC publication, in spite of the late timing. Again,
 > this depends on what my co-authors say and on general consensus.

I am not sure if draft draft-ietf-ipsec-ah-md5 is needed anymore. The
mandatory function for implementation can be specified in Atkinson's
draft-ietf-ipsec-auth by referencing a protocol-independent description of
the function as done in draft-krawczyk-keyed-md5 or similar document.

 >
 > It would also be nice if Hugo were to post a message explaining the

I hope the message I sent an hour ago will help in this regard.

 > rationale for this in approximate laymans terms. (I'd still like him
 > to write the language to insert but I don't have much hope that he'll
 > do it.)

I have contributed text by posting draft-krawczyk-keyed-md5. Contributing
to draft-ietf-ipsec-ah-md5 would mean for me changing it to the language
used in my draft.


Hugo

 >
 > Perry

Next by Date: Re: response to Last Call on: IP Authentication using Key
Next by thread: Re: response to Last Call on: IP Authentication using Keyed MD5
Index(es):
- Main
- Thread