[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (IMPORTANT) Call for AH-MD5 and ESP-DES to move forward

To: ipsec@TIS.COM
Subject: Re: (IMPORTANT) Call for AH-MD5 and ESP-DES to move forward
From: Germano Caronni <caronni@tik.ee.ethz.ch>
Date: Fri, 01 Mar 1996 13:04:35 +0100
Sender: ipsec-request@neptune.tis.com

At 13:36 29.2.96 -0800, you wrote:

>There has been very strong support for the use of HMAC as the "standard" 
>transform for AH.  A "change" of this mechanism sooner, rather than later, 
>would limit the impact on implementors. 

>From an implementors standpoint, I fully agree. Now is the easiest time to
change the algorithm employed. Later will be harder, as implementations will
tend to proliferate. So this forum 'simply' needs to make up its mind if
it's appropriate to change from 'keyed MD5' to a new transform. 
HMAC certainly is not weaker than keyed MD5, and strong indications exist
that it is indeed stronger, so I for one would prefer to have HMAC in the RFC.

Germano

Prev by Date: Re: (IMPORTANT) Call for AH-MD5 and ESP-DES to move forward
Next by Date: Re: (IMPORTANT) Call for AH-MD5 and ESP-DES to move forward
Prev by thread: Re: (IMPORTANT) Call for AH-MD5 and ESP-DES to move forward
Next by thread: Re: (IMPORTANT) Call for AH-MD5 and ESP-DES to move forward
Index(es):
- Main
- Thread