[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: AH padding after MD5/SHA1 hash value
> From what I understand from the wording in RFC240[234],
> - for sender side, it is not illegal to attach more than 96 bits
> into authentication data field. RFC2403 does not require us to
> attach exactly 96bits. It just say "truncated value using the
> first 96 bits MUST be supported". It is not clear to us whether
> 96bit truncation is the requirement, or not.
> This seems odd while we call those AH algorithms as "HMAC-MD5-96".
> If we do not require truncation to 96bits, why we call it "96"?
There is the reason at the section 5 in RFC2104, but it doesn't mentioned
strongly.
Follow-Ups:
References: