Re: [Cfrg] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt]

Sean Turner <turners@ieca.com> Tue, 06 July 2010 16:47 UTC

Message-ID: <4C335C75.7070508@ieca.com>
Date: Tue, 06 Jul 2010 12:40:21 -0400
From: Sean Turner <turners@ieca.com>
To: saag@ietf.org, smime@ietf.org, pkix@ietf.org, cfrg@irtf.org

To summarize the comments I received on this I-D:

1) Finally!

2) Is there any precedent with moving informational to historic?

Russ suggested I ask Scott Bradner what he thought about this.  His
response (repeated here with permission):

"1/ my personal view is that historic should be only used for
  cases where we want to say 'do not use'

  2/ seems like a reasonable thing to do in this case

  fwiw, I have always felt that it is important to document
  any such move that is done for a real reason (not just because
  people think it is not used) with a RFC"

I'd consider this support for moving informational RFCs to historic.

3) Why target MD2?

This was really a trial balloon.  I'm planning on doing something with
MD4 and MD5 too ;)

4) It's better to have a security algorithms roadmap.

I tend to agree, but I thought I was shooting for the low hanging fruit.

5) Remove keywords and delete obsolete references.

Anything to track fewer references is a good thing!

6) Do an updates document instead, because there might still be other
uses for MD2/MD4/MD5 that don't require collision resistance (e.g., HMAC).

I'd like to treat MD2/MD4/MD5 the same, but some HMAC uses are
probably still okay for a little while (at least that's what I'm
turning up through research). But, I can't really see us saying that
HMAC-MD2 and HMAC-MD4 are okay to keep using in the mid/long term.  I
think we ought to be saying "jump off the sinking ship now" because it
takes a while for crypto to go away just like it does to get fielded.
Luckily, there are only a few places where HMAC-MD2 or HMAC-MD4 are
specified.  MD5/HMAC-MD5 is another story.  I like the idea of just
updating MD5's security considerations to say don't use MD5 if you
need collision resistance and that it is (or is probably) okay for HMAC.

I updated the md2-to-historic I-D
(http://datatracker.ietf.org/doc/draft-turner-md2-to-historic/) to
actually talk about attacks against MD2 and submitted a similar draft
for MD4 (http://datatracker.ietf.org/doc/draft-turner-md4-to-historic/).
I also submitted one that updates the MD5 security considerations
(http://datatracker.ietf.org/doc/draft-turner-md5-seccon-update/).
Comments on all are welcome.

spt

Sean Turner wrote:
> (apologies if you get this multiple times)
> 
> I'm looking for feedback on this draft that proposes moving MD2 to 
> historic status.
> 
> Thanks,
> 
> spt
> 
> ------------------------------------------------------------------------
> 
> Subject:
> I-D ACTION:draft-turner-md2-to-historic-00.txt
> From:
> Internet-Drafts@ietf.org
> Date:
> Wed, 9 Jun 2010 15:00:02 -0700 (PDT)
> To:
> i-d-announce@ietf.org
> 
> 
> A New Internet-Draft is available from the on-line Internet-Drafts 
> directories.
> 
> 
> 	Title		: MD2 to Historic Status
> 	Author(s)	: S. Turner
> 	Filename	: draft-turner-md2-to-historic-00.txt
> 	Pages		: 6
> 	Date		: 2010-6-8
> 	
>    This document recommends the retirement of MD2 and discusses the 
>    reasons for doing so.  This document recommends RFC 1319 be moved to 
>    Historic status. 
> 
> 
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-turner-md2-to-historic-00.txt
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 