[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Remove little-used algorithms from IKEv2

To: Uri Blumenthal <uri@lucent.com>
Subject: Re: Remove little-used algorithms from IKEv2
From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
Date: Thu, 14 Mar 2002 20:31:29 -0800
Cc: "Hallam-Baker, Phillip" <pbaker@verisign.com>, ipsec@lists.tislabs.com
In-Reply-To: <3C9176B6.23706837@lucent.com>
References: <2F3EC696EAEED311BB2D009027C3F4F405869A08@vhqpostal.verisign.com><p05101410b8b6caac4c2b@[165.227.249.20]> <3C9176B6.23706837@lucent.com>
Sender: owner-ipsec@lists.tislabs.com

At 11:21 PM -0500 3/14/02, Uri Blumenthal wrote:
>Considering how close internally MD5 and SHA-1 are - I'd expect
>that any real "catastrophic" failure of one will affect the
>other...

I hear a theme here. :-) OK, if that is true, then it is fine to 
remove MD5 as long as there is at least one other unrelated hash 
algorithm that can be widely implemented in an interoperable fashion.

>  > MD5 has a huge amount of implementation experience behind it.
>
>Why is this of importance...?

Because falling back to an algorithm for which there is bad 
interoperability is bad. It does not serve the IPsec users.

--Paul Hoffman, Director
--VPN Consortium

References:
- RE: Remove little-used algorithms from IKEv2
  - From: "Hallam-Baker, Phillip" <pbaker@verisign.com>
- RE: Remove little-used algorithms from IKEv2
  - From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
- Re: Remove little-used algorithms from IKEv2
  - From: Uri Blumenthal <uri@lucent.com>

Prev by Date: Re: Remove private-use values from IKEv2
Next by Date: Re: Remove little-used algorithms from IKEv2
Prev by thread: Re: Remove little-used algorithms from IKEv2
Next by thread: Re: Remove little-used algorithms from IKEv2
Index(es):
- Date
- Thread