Re: [Hash] Proposed agenda for IETF 63 in Paris

"Steven M. Bellovin" <smb@cs.columbia.edu> Sat, 16 July 2005 00:16 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DtaMR-0005Ft-2q; Fri, 15 Jul 2005 20:16:55 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DtaMP-0005Fo-4W for hash@megatron.ietf.org; Fri, 15 Jul 2005 20:16:53 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA08968 for <hash@ietf.org>; Fri, 15 Jul 2005 20:16:48 -0400 (EDT)
Received: from machshav.com ([147.28.0.16]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1DtapG-0004Ae-LY for hash@ietf.org; Fri, 15 Jul 2005 20:46:44 -0400
Received: by machshav.com (Postfix, from userid 512) id 1A86BFB28A; Fri, 15 Jul 2005 20:16:44 -0400 (EDT)
Received: from berkshire.machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id DBC2DFB284; Fri, 15 Jul 2005 20:16:42 -0400 (EDT)
Received: from cs.columbia.edu (localhost [127.0.0.1]) by berkshire.machshav.com (Postfix) with ESMTP id A7FE33BFEFC; Fri, 15 Jul 2005 20:16:41 -0400 (EDT)
X-Mailer: exmh version 2.6.3 04/04/2003 with nmh-1.0.4
X-Exmh-Isig-CompType: repl
X-Exmh-Isig-Folder: hash
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: Paul Hoffman <paul.hoffman@vpnc.org>
Subject: Re: [Hash] Proposed agenda for IETF 63 in Paris
In-Reply-To: Your message of "Wed, 06 Jul 2005 08:27:38 PDT." <p062309c7bef1a7a85773@[63.249.99.114]>
Mime-Version: 1.0
Content-Type: text/plain
Date: Fri, 15 Jul 2005 20:16:41 -0400
Message-Id: <20050716001641.A7FE33BFEFC@berkshire.machshav.com>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 69a74e02bbee44ab4f8eafdbcedd94a1
Cc: Hash WG <hash@ietf.org>
X-BeenThere: hash@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: hash.lists.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/hash>, <mailto:hash-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/hash>
List-Post: <mailto:hash@lists.ietf.org>
List-Help: <mailto:hash-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/hash>, <mailto:hash-request@lists.ietf.org?subject=subscribe>
Sender: hash-bounces@lists.ietf.org
Errors-To: hash-bounces@lists.ietf.org

In message <p062309c7bef1a7a85773@[63.249.99.114]>;, Paul Hoffman writes:
>We have asked for a one-hour slot for the BOF because there is not 
>much to work out yet. I propose that the hour be spent as:
>
>1) 30 minutes - charter agreement
>2) 30 minutes - presentation(s) on truncation and salting proposals and issues
>
>Because this is a BOF, not a working group, we need to be sure we 
>have agreement on the charter before the IESG considers whether or 
>not to really form the WG. We'll start with the last charter I posted 
>(amended as Ben pointed out to make it less ASN.1esque) and see how 
>the folks in the room feel.
>
>Does this agenda make sense?
>

Paul, Eric Rescorla and I would like a few minutes to discuss our new 
paper "Deploying a New Hash Algorithm".  A draft is available at 
http://www.cs.columbia.edu/~smb/papers/new-hash.ps and
http://www.cs.columbia.edu/~smb/papers/new-hash.pdf .  (Our apologies 
that it is not in I-D format -- it is aimed at the NIST 
Cryptographic Hash Workshop, which has different formatting 
requirements.

Here's the abstract:

	As a result of recent discoveries, the strength of hash
	functions such as MD5 and SHA-1 have been called into
	question.  Regardless of whether or not it is necessary to
	move away from those now, it is clear that it will be
	necessary to do so in the not-too-distant future.  This
	poses a number of challenges, especially for certificate-based
	protocols.  We analyze S/MIME, TLS, and IPsec.  All three
	require protocol or implementation changes.  We explain
	the necessary changes, show how the conversion can be done,
	and list what measures should be taken immediately.



_______________________________________________
Hash mailing list
Hash@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/hash