[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Ipsec] Last Call: 'Cryptographic Algorithm ImplementationRequirements For ESP And AH' to Proposed Standard
In message <Pine.GSO.4.44_heb2.09.0407072207480.21829-100000@ee.technion.ac.il>
, Hugo Krawczyk writes:
>Draft draft-ietf-ipsec-esp-ah-algorithms-01.txt
>specifies HMAC-MD5 as MAY (in the list of authentication algorithms).
>
>Given that 8 years after the invention of HMAC and 8 years after
>Dobbertin's attacks on MD5 there is no single piece of evidence (big or
>small) against the use of HMAC-MD5, and given that HMAC-MD5 is close to
>twice the speed of HMAC-SHA1, then I suggest to upgrade HMAC-MD5 to SHOULD
>(it is good to make it available for applications that need the speed,
>especially in authentication-only configurations (are there any?)
>
>Just a suggestion. Feel free to ignore.
>
What did the WG say if/when you raised this during WG Last Call?
--Steve Bellovin, http://www.research.att.com/~smb
_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec