IETF Logo Mail Archive

Re: [Cfrg] What crypto algorithm is referenced most in RFCs?

Sean Turner <turners@ieca.com> Tue, 14 June 2011 22:35 UTC

Return-Path: <turners@ieca.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B8B881F0C7D for <cfrg@ietfa.amsl.com>; Tue, 14 Jun 2011 15:35:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.148
X-Spam-Level:
X-Spam-Status: No, score=-102.148 tagged_above=-999 required=5 tests=[AWL=0.449, BAYES_00=-2.599, UNPARSEABLE_RELAY=0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FXSyGjB3iILA for <cfrg@ietfa.amsl.com>; Tue, 14 Jun 2011 15:35:39 -0700 (PDT)
Received: from nm15.access.bullet.mail.mud.yahoo.com (nm15.access.bullet.mail.mud.yahoo.com [66.94.237.216]) by ietfa.amsl.com (Postfix) with SMTP id E617F1F0C79 for <cfrg@irtf.org>; Tue, 14 Jun 2011 15:35:38 -0700 (PDT)
Received: from [66.94.237.198] by nm15.access.bullet.mail.mud.yahoo.com with NNFMP; 14 Jun 2011 22:35:36 -0000
Received: from [98.139.221.43] by tm9.access.bullet.mail.mud.yahoo.com with NNFMP; 14 Jun 2011 22:35:36 -0000
Received: from [127.0.0.1] by smtp105.biz.mail.bf1.yahoo.com with NNFMP; 14 Jun 2011 22:35:36 -0000
X-Yahoo-Newman-Id: 774493.65267.bm@smtp105.biz.mail.bf1.yahoo.com
X-Yahoo-Newman-Property: ymail-3
X-YMail-OSG: gNzt8y8VM1npRQlVxcSwvEKSTGwcA7MCSFcIHc2WD6wGn.l G1TE4frbuCCwFJdAb_TIn5zyeiAh.Uvzfp1whBY5ay9PY9zInXYrROWG4295 P8vkjm7PpXLWflSC0ngt6v1ocqP5zT70QdWVb0Q3fSlMvJeKLMi7oBsPuxy_ ZlRwkkfmg15KOdsSFEnCh1hZHP82R.3lOI1oHeLwI3ejuo.EEVcs9p_MRFn0 GEpK6ESKbDhatfVob3ASySz74W9qEGMypYN5qdrVrR8u3CJt0iicWRMBNMU0 4VRLypvah4y8C0B4rc.3c9PceELwtKVdBovZtJFZd5tzxjfc7ZEPt2yhr03b cZyZqjvwamRurpl6bCUgBsMmN4fLcwSLik_1bqAJHGbJeVnWeGaTspPflttH dA9G0pnp8E7iJ25PQKFXo9LTn7p3Qqckfm7Qub2tNmXdjeWZUl2cu9bnAW3o wVzcEXDdW7FGldELL2N3o2PQsXes54aWigl.kUkiSpridGB0-
X-Yahoo-SMTP: ZrP3VLSswBDL75pF8ymZHDSu9B.vcMfDPgLJ
Received: from thunderfish.local (turners@71.191.15.93 with plain) by smtp105.biz.mail.bf1.yahoo.com with SMTP; 14 Jun 2011 15:35:35 -0700 PDT
Message-ID: <4DF7E236.3060603@ieca.com>
Date: Tue, 14 Jun 2011 18:35:34 -0400
From: Sean Turner <turners@ieca.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.17) Gecko/20110414 Lightning/1.0b2 Thunderbird/3.1.10
MIME-Version: 1.0
To: Joachim@Strombergson.com
References: <4A7C9D3B-70C6-4D14-A5D8-F54D84DBBEA9@cisco.com> <4DF6FCAD.1000704@Strombergson.com>
In-Reply-To: <4DF6FCAD.1000704@Strombergson.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Cc: cfrg@irtf.org
Subject: Re: [Cfrg] What crypto algorithm is referenced most in RFCs?
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Jun 2011 22:35:39 -0000

On 6/14/11 2:16 AM, Joachim Strömbergson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Aloha!
>
> On 2011:06:13 16:04, David McGrew wrote:
>> That last page can be used to answer the question in the subject line.
>> (Hint: it is not something most of us probably recommend anymore.)
>
> I was amazed that there were so many of those drafts that are in
> standards track. Drafts in informational track describing uses of
> insecure algorithms is imho ok, since they document a practice.
> Similarly, RFCs are a done deal and if they are a standard RFC must be
> replaced by newer RFCs to fix security issues.
>
> But in 2011 writing a draft for standards track that includes known
> insecure, broken algorithms?

Somebody has asked for draft that says don't use RC4.  I'm really busy 
but would gladly help deprecate RFC cipher suites in TLS. Unless of 
course, I'm totally wrong and we should keep them....

> Would it be fruitful to browse the list try and identify the most
> pressing cases and try to convince the authors that they should mend
> their ways?

Actually, it would.

spt

> - --
> Med vänlig hälsning, Yours
>
> Joachim Strömbergson - Alltid i harmonisk svängning.
> ========================================================================
> Kryptoblog - IT-säkerhet på svenska
> http://www.strombergson.com/kryptoblog
> ========================================================================
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (Darwin)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk32/K0ACgkQZoPr8HT30QF7lACfSUrUM2Ue5RDfK9CZ7379LaSS
> mn4AnRgV7Q37ZaUfwm4gzGdODQOMFwOa
> =vQLC
> -----END PGP SIGNATURE-----
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> http://www.irtf.org/mailman/listinfo/cfrg

v2.23.0 | Report a Bug | By Email