Protocol Action: The Use of HMAC-RIPEMD-160-96 within ESP and AH to Proposed Standard

[The IESG <iesg-secretary@ietf.org>]

The IESG has approved the Internet-Draft 'The Use of HMAC-RIPEMD-160-96
within ESP and AH' <draft-ietf-ipsec-auth-hmac-ripemd-160-96-04.txt> as
a Proposed Standard.  This document is the product of the IP Security
Protocol Working Group.  The IESG contact persons are Jeffrey Schiller
and Marcus Leech.

Technical Summary

This document describes an HMAC mode for the RIPEMD secure hash algorithm
for use within ESP and AH in IPSEC.  The European community prefers RIPEMD
over both SHA-1 and MD5, so an HMAC mode is necessary that describes the
use of RIPEMD.

Working Group Summary

There was working group concensus on this document, although not a lot
of commentary.  The document describes the "obvious" solution.


Protocol Quality

This document has been reviewed for the IESG by Marcus Leech.

Note to RFC Editor:

The IESG requests the RFC Editor to modify the text in the reference of RFC2104 as follows:

OLD:

[RFC-2104] discusses requirements for key material, which includes a
discussion on requirements for strong randomness.  A strong pseudo-
random function MUST be used to generate the required 160-bit key.

NEW:

[RFC-2104] discusses requirements for key material, which includes a
discussion on requirements for strong randomness.  A strong pseudo-
random function MUST be used to generate the required 160-bit key.
Implementors should refer to RFC-1750 for guidance on the requirements
for such functions.


Also, please change the RIPEMD-160 Reference to:

3.ISO/IEC 10118-3:1998, ``Information technology - Security
   techniques - Hash-functions - Part 3: Dedicated hash-functions,''
   International Organization for Standardization, Geneva,
   Switzerland, 1998.