Re: [Cfrg] What crypto algorithm is referenced most in RFCs?

Joachim Strömbergson <Joachim@Strombergson.com> Tue, 14 June 2011 06:16 UTC

Message-ID: <4DF6FCAD.1000704@Strombergson.com>
Date: Tue, 14 Jun 2011 08:16:13 +0200
From: Joachim Strömbergson <Joachim@Strombergson.com>
Organization: Kryptologik
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.17) Gecko/20110414 Lightning/1.0b2 Thunderbird/3.1.10
MIME-Version: 1.0
To: cfrg@irtf.org
References: <4A7C9D3B-70C6-4D14-A5D8-F54D84DBBEA9@cisco.com>
In-Reply-To: <4A7C9D3B-70C6-4D14-A5D8-F54D84DBBEA9@cisco.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Subject: Re: [Cfrg] What crypto algorithm is referenced most in RFCs?
Precedence: list
Reply-To: Joachim@Strombergson.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Aloha!

On 2011:06:13 16:04, David McGrew wrote:
> That last page can be used to answer the question in the subject line. 
> (Hint: it is not something most of us probably recommend anymore.)

I was amazed that there were so many of those drafts that are in
standards track. Drafts in informational track describing uses of
insecure algorithms is imho ok, since they document a practice.
Similarly, RFCs are a done deal and if they are a standard RFC must be
replaced by newer RFCs to fix security issues.

But in 2011 writing a draft for standards track that includes known
insecure, broken algorithms?

Would it be fruitful to browse the list try and identify the most
pressing cases and try to convince the authors that they should mend
their ways?

- -- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
Kryptoblog - IT-säkerhet på svenska
http://www.strombergson.com/kryptoblog
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk32/K0ACgkQZoPr8HT30QF7lACfSUrUM2Ue5RDfK9CZ7379LaSS
mn4AnRgV7Q37ZaUfwm4gzGdODQOMFwOa
=vQLC
-----END PGP SIGNATURE-----

Re: [Cfrg] What crypto algorithm is referenced mo… Joachim Strömbergson
[Cfrg] What crypto algorithm is referenced most i… David McGrew
Re: [Cfrg] What crypto algorithm is referenced mo… Joachim Strömbergson
Re: [Cfrg] What crypto algorithm is referenced mo… Sean Turner
Re: [Cfrg] What crypto algorithm is referenced mo… Brian Smith
Re: [Cfrg] What crypto algorithm is referenced mo… Sean Turner
Re: [Cfrg] What crypto algorithm is referenced mo… Jon Callas
Re: [Cfrg] What crypto algorithm is referenced mo… Simon Josefsson
Re: [Cfrg] What crypto algorithm is referenced mo… Jon Callas
Re: [Cfrg] What crypto algorithm is referenced mo… Peter Gutmann
Re: [Cfrg] What crypto algorithm is referenced mo… David McGrew
Re: [Cfrg] What crypto algorithm is referenced mo… David McGrew
Re: [Cfrg] What crypto algorithm is referenced mo… Stephen Farrell
Re: [Cfrg] What crypto algorithm is referenced mo… Marshall Eubanks
Re: [Cfrg] What crypto algorithm is referenced mo… Stephen Farrell
Re: [Cfrg] What crypto algorithm is referenced mo… Marshall Eubanks
Re: [Cfrg] What crypto algorithm is referenced mo… Stephen Farrell
Re: [Cfrg] What crypto algorithm is referenced mo… David McGrew
Re: [Cfrg] What crypto algorithm is referenced mo… Marshall Eubanks
Re: [Cfrg] What crypto algorithm is referenced mo… Joachim Strömbergson
Re: [Cfrg] What crypto algorithm is referenced mo… Marshall Eubanks
Re: [Cfrg] What crypto algorithm is referenced mo… David McGrew
Re: [Cfrg] What crypto algorithm is referenced mo… Marshall Eubanks
Re: [Cfrg] What crypto algorithm is referenced mo… Jon Callas
Re: [Cfrg] What crypto algorithm is referenced mo… David McGrew
Re: [Cfrg] What crypto algorithm is referenced mo… Thomas Pornin
Re: [Cfrg] What crypto algorithm is referenced mo… David McGrew
Re: [Cfrg] What crypto algorithm is referenced mo… Marshall Eubanks
Re: [Cfrg] What crypto algorithm is referenced mo… David McGrew