[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MD5 considered insecure?



Ran Atkinson says:
> In my own personal mind, it raises the question of how we should proceed
> on the AH transforms.  Possible options for the WG to consider include
> at least these:
>   - Make both HMAC MD5 and HMAC SHA-1 mandatory-to-implement
>   - Make HMAC MD5 optional-to-implement and HMAC SHA-1 mandatory-to-implement 

The second one makes much more sense. Why would we be mandating
something that we know isn't likely to stay "good" for long?

> One question I have is whether it would be sensible to substitute HMAC SHA-1
> for HMAC MD5 in the ESP "DES-CBC HMAC MD5 Replay" transform.  What do folks
> think is best ?

This substitution seems the most logical choice.
-- 
Regards,
Uri		uri@watson.ibm.com
-=-=-=-=-=-=-
<Disclaimer>


References: