[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Remove little-used algorithms from IKEv2

To: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
Subject: Re: Remove little-used algorithms from IKEv2
From: Uri Blumenthal <uri@lucent.com>
Date: Thu, 14 Mar 2002 23:21:10 -0500
Cc: "Hallam-Baker, Phillip" <pbaker@verisign.com>, ipsec@lists.tislabs.com
Organization: Lucent Technologies
Original-CC: "Hallam-Baker, Phillip" <pbaker@verisign.com>, ipsec@lists.tislabs.com
References: <2F3EC696EAEED311BB2D009027C3F4F405869A08@vhqpostal.verisign.com> <p05101410b8b6caac4c2b@[165.227.249.20]>
Sender: owner-ipsec@lists.tislabs.com

Paul Hoffman / VPNC wrote:
> >Any reason for keeping the MD5 algorithms
>
> - We want it in there in case of a catastrophic failure of SHA-1 and
> the related bigger SHAs.

Considering how close internally MD5 and SHA-1 are - I'd expect
that any real "catastrophic" failure of one will affect the
other...
 
> It is good practice to have a well-understood fallback in case of
> catastrophic failure.

See above.

> MD5 has a huge amount of implementation experience behind it.

Why is this of importance...?
--
Regards,
Uri
-=-=-=<>=-=-
<Disclaimer>

Follow-Ups:
- Re: Remove little-used algorithms from IKEv2
  - From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>

References:
- RE: Remove little-used algorithms from IKEv2
  - From: "Hallam-Baker, Phillip" <pbaker@verisign.com>
- RE: Remove little-used algorithms from IKEv2
  - From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>

Prev by Date: Re: Remove little-used algorithms from IKEv2
Next by Date: Re: Remove private-use values from IKEv2
Prev by thread: RE: Remove little-used algorithms from IKEv2
Next by thread: Re: Remove little-used algorithms from IKEv2
Index(es):
- Date
- Thread