IETF Logo Mail Archive

Re: [keyassure] crypto hash alg deprecation is a myth

Peter Gutmann <pgut001@cs.auckland.ac.nz> Fri, 04 March 2011 00:56 UTC

Return-Path: <pgut001@login01.cs.auckland.ac.nz>
X-Original-To: keyassure@core3.amsl.com
Delivered-To: keyassure@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B420A3A68AE for <keyassure@core3.amsl.com>; Thu, 3 Mar 2011 16:56:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.594
X-Spam-Level:
X-Spam-Status: No, score=-103.594 tagged_above=-999 required=5 tests=[AWL=0.005, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fAy6aDfWnCnI for <keyassure@core3.amsl.com>; Thu, 3 Mar 2011 16:56:47 -0800 (PST)
Received: from mx2-int.auckland.ac.nz (mx2-int.auckland.ac.nz [130.216.12.41]) by core3.amsl.com (Postfix) with ESMTP id 4D46A3A687C for <keyassure@ietf.org>; Thu, 3 Mar 2011 16:56:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=pgut001@cs.auckland.ac.nz; q=dns/txt; s=uoa; t=1299200276; x=1330736276; h=from:to:subject:cc:in-reply-to:message-id:date; z=From:=20Peter=20Gutmann=20<pgut001@cs.auckland.ac.nz> |To:=20hallam@gmail.com,=20rob.stradling@comodo.com |Subject:=20Re:=20[keyassure]=20crypto=20hash=20alg=20dep recation=20is=20a=20myth|Cc:=20keyassure@ietf.org |In-Reply-To:=20<AANLkTimgvJ5G4NystNrBUXdq2rNkp8THC1tPGQE fV97T@mail.gmail.com>|Message-Id:=20<E1PvJL7-0001ue-72@lo gin01.fos.auckland.ac.nz>|Date:=20Fri,=2004=20Mar=202011 =2013:57:53=20+1300; bh=vn+oF59GDNarM0Pb3s0GuNEBs5f92cU3oYh06LxBJDk=; b=gOukHHpPHTunZ8Veo6IRVJh278Fj9Z4gxzsIjDoqz9qgMXetagn7+zQX WPbJ35xhwQfh+ccAvgjuOKEq1lHpGLTd+zMwaj6K8UD6FjbhiYW8z9d4A 8Xaz2VQzWsGzFP0DWoNuZ6KORLJZTjWd5XFP8uZ46wKfDu2lHcYiWtVs3 Q=;
X-IronPort-AV: E=Sophos;i="4.62,261,1296990000"; d="scan'208";a="49085946"
X-Ironport-HAT: APP-SERVERS - $RELAYED
X-Ironport-Source: 130.216.33.150 - Outgoing - Outgoing
Received: from mf1.fos.auckland.ac.nz ([130.216.33.150]) by mx2-int.auckland.ac.nz with ESMTP/TLS/AES256-SHA; 04 Mar 2011 13:57:53 +1300
Received: from login01.fos.auckland.ac.nz ([130.216.34.40]) by mf1.fos.auckland.ac.nz with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.69) (envelope-from <pgut001@login01.cs.auckland.ac.nz>) id 1PvJL7-0003k1-Gz; Fri, 04 Mar 2011 13:57:53 +1300
Received: from pgut001 by login01.fos.auckland.ac.nz with local (Exim 4.69) (envelope-from <pgut001@login01.cs.auckland.ac.nz>) id 1PvJL7-0001ue-72; Fri, 04 Mar 2011 13:57:53 +1300
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: hallam@gmail.com, rob.stradling@comodo.com
In-Reply-To: <AANLkTimgvJ5G4NystNrBUXdq2rNkp8THC1tPGQEfV97T@mail.gmail.com>
Message-Id: <E1PvJL7-0001ue-72@login01.fos.auckland.ac.nz>
Date: Fri, 04 Mar 2011 13:57:53 +1300
Cc: keyassure@ietf.org
Subject: Re: [keyassure] crypto hash alg deprecation is a myth
X-BeenThere: keyassure@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Key Assurance With DNSSEC <keyassure.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/keyassure>
List-Post: <mailto:keyassure@ietf.org>
List-Help: <mailto:keyassure-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Mar 2011 00:56:48 -0000

Phillip Hallam-Baker <hallam@gmail.com> writes:

>The reason that there is concern about algorithm support in protocols is that
>it takes a very very long time to get changes through the system. It can take
>five years to persuade vendors to make changes and then another ten for the
>old software to work through the system.

See also Question J of
http://www.cs.auckland.ac.nz/~pgut001/pubs/crypto_guide.txt (based on a very
ad hoc survey of a bunch of implementers, but it's good enough as a rough
guide).

Peter.

v2.23.0 | Report a Bug | By Email