[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: keyed-MD5

To: hugo@watson.ibm.com
Subject: Re: keyed-MD5
From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 29 Nov 1995 13:44:48 -0500
Cc: IPSEC@ans.net
In-Reply-To: Your message of "Wed, 29 Nov 1995 12:18:10 EST." <199511291748.AA01084@interlock.ans.net>
Reply-To: perry@piermont.com

hugo@watson.ibm.com writes:
> I have sumbitted a new version
> of my internet-draft on keyed MD5 (draft-krawczyk-keyed-md5-01.txt).
[...]
> I hope that you agree with me that it is not too late to move to
> this new proposal. It involves no difficulty for existing implementations
> to change the function, and it offers a significantly better understood
> security. On the other hand, it is better to do it now before these
> standards are  widely deployed in products.

I think it might be a good idea to adopt it, and even to make it
mandatory, but the existing RFC is out. If the consensus is to adopt
it, we'll have to make this a new transform in addition to the old
rather than a replacement for the old -- too many people have already
coded to the old spec. Were we to adopt the idea, it would probably
also be best to simply put this in a new and separate RFC until the
entire protocol is advanced in the standardization process, and
mandate it at that point.

In any case, your proposal requires some study...

Perry

References:

keyed-MD5

From: hugo@watson.ibm.com

Prev by Date: NRL IPsec/IPv6 code
Next by Date: SKEME
Prev by thread: keyed-MD5
Next by thread: NRL IPsec/IPv6 code
Index(es):
- Main
- Thread