Re: [Ipsec] Last Call: 'Cryptographic Algorithm Implementation Requirements For ESP And AH' to Proposed Standard

Hugo Krawczyk <hugo@ee.technion.ac.il> Thu, 08 July 2004 00:50 UTC

Date: Thu, 08 Jul 2004 00:20:43 +0300
From: Hugo Krawczyk <hugo@ee.technion.ac.il>
To: iesg@ietf.org
Subject: Re: [Ipsec] Last Call: 'Cryptographic Algorithm Implementation Requirements For ESP And AH' to Proposed Standard
Cc: ipsec@ietf.org, Donald.Eastlake@Motorola.com, IETF-Announce <ietf-announce@ietf.org>

Draft draft-ietf-ipsec-esp-ah-algorithms-01.txt
specifies HMAC-MD5 as MAY (in the list of authentication algorithms).

Given that 8 years after the invention of HMAC and 8 years after
Dobbertin's attacks on MD5 there is no single piece of evidence (big or
small) against the use of HMAC-MD5, and given that HMAC-MD5 is close to
twice the speed of HMAC-SHA1, I suggest upgrading HMAC-MD5 to SHOULD
(it is good to make it available for applications that need the speed,
especially in authentication-only configurations (are there any?)).

Just a suggestion. Feel free to ignore.

Hugo

On Wed, 23 Jun 2004, The IESG wrote:

> The IESG has received a request from the IP Security Protocol WG to consider
> the following document:
>
> - 'Cryptographic Algorithm Implementation Requirements For ESP And AH'
>  <draft-ietf-ipsec-esp-ah-algorithms-01.txt> as a Proposed Standard
>
> The IESG plans to make a decision in the next few weeks, and solicits
> final comments on this action. Please send any comments to the
> iesg@ietf.org or ietf@ietf.org mailing lists by 2004-07-07.
>
> The file can be obtained via
> http://www.ietf.org/internet-drafts/draft-ietf-ipsec-esp-ah-algorithms-01.txt
>
>
> _______________________________________________
> Ipsec mailing list
> Ipsec@ietf.org
> https://www1.ietf.org/mailman/listinfo/ipsec
>
