
sha vs. md5



After reading John Kennedy's comments on SHA-1 I decided I should share a
couple of my thoughts.  I don't mean to start a fight, just to offer some
opinions...

- I think it's architecturally unsound to mandate a protocol that can't be
exported from the U.S. Besides, I believe it violates 1825, which makes a
comment on AH always being exportable.

- I agree that I expect we should be conservative on crypto issues and an
"it seems to be still ok" attitude sounds inappropriate.

- as I recall the last time I got to fill out export paperwork there was no
check-box marked "somebody on an IETF mailing list said the NSA said in a
telephone call it was ok to export this" so I do think you need to get
paperwork for this stuff, which makes it hard to move across country
boundaries, which impacts deployment, which impacts architecture, which makes
exportability a technical issue -- sorry.

                  Rodney Thayer           ::         rodney@sabletech.com
                  Sable Technology Corp   ::              +1 617 332 7292
                  246 Walnut St           ::         Fax: +1 617 332 7970     
                  Newton MA 02160 USA     ::  http://www.shore.net/~sable
                           "Developers of communications software"


