[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Remove little-used algorithms from IKEv2
At 11:21 PM -0500 3/14/02, Uri Blumenthal wrote:
>Considering how close internally MD5 and SHA-1 are - I'd expect
>that any real "catastrophic" failure of one will affect the
>other...
I hear a theme here. :-) OK, if that is true, then it is fine to
remove MD5 as long as there is at least one other unrelated hash
algorithm that can be widely implemented in an interoperable fashion.
> > MD5 has a huge amount of implementation experience behind it.
>
>Why is this of importance...?
Because falling back to an algorithm for which there is bad
interoperability is bad. It does not serve the IPsec users.
--Paul Hoffman, Director
--VPN Consortium