[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Remove little-used algorithms from IKEv2
Paul Hoffman / VPNC wrote:
> >Any reason for keeping the MD5 algorithms
>
> - We want it in there in case of a catastrophic failure of SHA-1 and
> the related bigger SHAs.
Considering how close internally MD5 and SHA-1 are - I'd expect
that any real "catastrophic" failure of one will affect the
other...
> It is good practice to have a well-understood fallback in case of
> catastrophic failure.
See above.
> MD5 has a huge amount of implementation experience behind it.
Why is this of importance...?
--
Regards,
Uri
-=-=-=<>=-=-
<Disclaimer>