Re: Stephen Farrell's Discuss on draft-ietf-6man-stable-privacy-addresses-16: (with DISCUSS and COMMENT)

[Stephen Farrell <stephen.farrell@cs.tcd.ie>]

On 01/21/2014 04:47 PM, Simon Perreault wrote:
> It said "DISCUSS" at the top, so I'll do just that...
> 
> Le 2014-01-21 11:20, Fernando Gont a écrit :
>> On 01/21/2014 12:52 PM, Stephen Farrell wrote:
>>> (1) Section 5: Why mention only MD5 and SHA1? Why not
>>> HMAC-SHA256?
>>
>> They are just examples. I guess we could add HMAC-SHA256, too. I have no
>> objections to that.
> 
> On all the platforms I know there would be no practical reason to pick
> MD5. Something better is always available and just as easy to use. I
> don't want new code to use MD5 "because it was given as an example in
> the RFC". Removing MD5 from the examples list would make me happy.

Right - give good examples and don't give bad ones is the
easy fix. HMAC-SHA1 and HMAC-SHA256 would be good ones to
give. (And if you have sha1 then you can easily use HMAC-SHA1.)

>>> (2) Why might a sys admin want to display the
>>> secret key?
>>
>> e.g., you want a replacement system to generate the same addresses.
> 
> Good reason IMHO.

Was that mentioned in the requirements? Seems a little less
likely but I guess it could be one.

If keeping it, I'd say give the example and then add a
security consideration that that interface might be
vulnerable (e.g. 'cat /proc/net/eth0/rfcxxx-secret'
doesn't give me a nice warm security fuzzy feeling:-)
and needs to be protected.

Another easy fix if needed. (Apologies if that's there
already and I missed it.)

S.



> 
> Simon