response to Last Call on: IP Authentication using Keyed MD5

hugo@watson.ibm.com (H.Krawczyk) Wed, 05 July 1995 15:15 UTC

Message-Id: <199507051503.AA06072@interlock.ans.net>
Date: Fri, 30 Jun 1995 17:29:22 -0400
From: hugo@watson.ibm.com
To: perry@imsi.com
Subject: response to Last Call on: IP Authentication using Keyed MD5
Cc: hugo@watson.ibm.com, ipsec@ans.net


 >
 > It appears that all that is needed to incorporate Hugo's suggestion is
 > a change of a line or two of the MD5 AH draft to specify that the
 > prepended part of the key be padded out with a 1 bit and some number
 > of 0 bits to 512 bits. Am I correct on this, Hugo?

Right, that's the only change to the calculation description.

 >
 > Given the simplicity of this change, I'm inclined to see if we can
 > insert it before RFC publication, in spite of the late timing. Again,
 > this depends on what my co-authors say and on general consensus.

I am not sure if draft draft-ietf-ipsec-ah-md5 is needed anymore. The
mandatory function for implementation can be specified in Atkinson's
draft-ietf-ipsec-auth by referencing a protocol-independent description of
the function as done in draft-krawczyk-keyed-md5 or similar document.

 >
 > It would also be nice if Hugo were to post a message explaining the

I hope the message I sent an hour ago will help in this regard.

 > rationale for this in approximate laymans terms. (I'd still like him
 > to write the language to insert but I don't have much hope that he'll
 > do it.)

I have contributed text by posting draft-krawczyk-keyed-md5. Contributing
to draft-ietf-ipsec-ah-md5 would mean for me changing it to the language
used in my draft.


Hugo

 >
 > Perry

response to Last Call on: IP Authentication using… H.Krawczyk
Re: response to Last Call on: IP Authentication u… Perry E. Metzger