RE: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds: draft-ietf-mip6-auth-protocol-01.txtanddraft-ietf-mip6-mn-ident-option-00.txt
"alpesh" <alpesh@cisco.com> Fri, 17 December 2004 18:00 UTC
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA15830 for <mip6-web-archive@ietf.org>; Fri, 17 Dec 2004 13:00:18 -0500 (EST)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CfMXX-0005qb-Th for mip6-web-archive@ietf.org; Fri, 17 Dec 2004 13:09:20 -0500
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CfMBs-0002Ve-0U; Fri, 17 Dec 2004 12:46:56 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CfM41-0000jd-Ty for mip6@megatron.ietf.org; Fri, 17 Dec 2004 12:38:50 -0500
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA13665 for <mip6@ietf.org>; Fri, 17 Dec 2004 12:38:47 -0500 (EST)
Received: from sj-iport-2-in.cisco.com ([171.71.176.71] helo=sj-iport-2.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CfMCi-00053b-4n for mip6@ietf.org; Fri, 17 Dec 2004 12:47:48 -0500
Received: from sj-core-5.cisco.com (171.71.177.238) by sj-iport-2.cisco.com with ESMTP; 17 Dec 2004 09:42:45 -0800
Received: from mira-sjc5-b.cisco.com (IDENT:mirapoint@mira-sjc5-b.cisco.com [171.71.163.14]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id iBHHcFsv026791; Fri, 17 Dec 2004 09:38:15 -0800 (PST)
Received: from alpeshw2k03 (sjc-vpn1-725.cisco.com [10.21.98.213]) by mira-sjc5-b.cisco.com (MOS 3.4.5-GR) with ESMTP id AZX57516; Fri, 17 Dec 2004 09:48:20 -0800 (PST)
Message-Id: <200412171748.AZX57516@mira-sjc5-b.cisco.com>
From: alpesh <alpesh@cisco.com>
To: 'James Kempf' <kempf@docomolabs-usa.com>, 'Kent Leung' <kleung@cisco.com>, 'Wing Cheong Lau' <lau@qualcomm.com>
Subject: RE: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds: draft-ietf-mip6-auth-protocol-01.txtanddraft-ietf-mip6-mn-ident-option-00.txt
Date: Fri, 17 Dec 2004 09:38:13 -0800
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4939.300
Thread-Index: AcTkNmb2OiIQoFgERxuXPaSfGLvi0gAKKv+Q
In-Reply-To: <006a01c4e433$6a479e40$4f6015ac@dcml.docomolabsusa.com>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 22bbb45ef41b733eb2d03ee71ece8243
Content-Transfer-Encoding: 7bit
Cc: mip6@ietf.org, 'Francis Dupont' <Francis.Dupont@enst-bretagne.fr>, Basavaraj.Patil@nokia.com
X-BeenThere: mip6@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: mip6.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/mip6>, <mailto:mip6-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:mip6@ietf.org>
List-Help: <mailto:mip6-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/mip6>, <mailto:mip6-request@ietf.org?subject=subscribe>
Sender: mip6-bounces@ietf.org
Errors-To: mip6-bounces@ietf.org
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 68ba2b07ef271dba6ee42a93832cfa4c
Content-Transfer-Encoding: 7bit
James - Agree. I have moved on HMAC_SHA1/SHA1 where appropriate. As Kent mentioned, we are working on a draft to do SHA-1 auth for Radext WG -a > -----Original Message----- > From: mip6-bounces@ietf.org [mailto:mip6-bounces@ietf.org] On > Behalf Of James Kempf > Sent: Friday, December 17, 2004 4:25 AM > To: Kent Leung; Wing Cheong Lau > Cc: mip6@ietf.org; Francis Dupont; Basavaraj.Patil@nokia.com > Subject: Re: [Mip6] WG LC (Deadline Dec 18th,04) for I-Ds: > draft-ietf-mip6-auth-protocol-01.txtanddraft-ietf-mip6-mn-iden > t-option-00.txt > > I'd suggest that someone write a draft for the radext WG > proposing MD5 be replaced with SHA-1. > > I doubt that the security directorate will let > draft-ietf-mip6-auth-protocol progress, even as > Informational, if MD5 is in it. > > jak > > ----- Original Message ----- > From: "Wing Cheong Lau" <lau@qualcomm.com> > To: "Kent Leung" <kleung@cisco.com>; "James Kempf" > <kempf@docomolabs-usa.com> > Cc: <mip6@ietf.org>; "Francis Dupont" > <Francis.Dupont@enst-bretagne.fr>; > <Basavaraj.Patil@nokia.com> > Sent: Thursday, December 16, 2004 2:33 PM > Subject: Re: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds: > draft-ietf-mip6-auth-protocol-01.txt > anddraft-ietf-mip6-mn-ident-option-00.txt > > > > At 01:34 PM 12/16/2004, Kent Leung wrote: > > >Hi James. > > > > > >Acknowledged. Unless there's disagreement, we'll replace > MD5 context > > >with SHA-1 in the document. > > > > > >Thanks. > > > > > >Kent > > Dear Kent, > > > > Once you replace MD5 with SHA-1, will you be proposing corresponding > > extensions/ changes to > > RADIUS and CHAP so that one can use RADIUS/CHAP to > authenticate a BU using > > MN-AAA authentication > > option in your draft ? (there is no mentioning of SHA-1 in > RFC2865 or RFC > > 1996 so far). > > > > If not, how will the MN-AAA option interoperate with the AAA ? > > > > Regards, > > > > Wing > > > > >At 05:41 PM 12/14/2004 -0800, James Kempf wrote: > > >> > - another point: MD5 should be replaced by SHA-1 > everywhere in the > > >>document. > > >> > > >>Yes, this can't be emphasized strongly enough. > > >> > > >>Results by Xiaoyun Wang from China presented at Crypto in > Santa Barbara > this > > >>summer showed that with 1 hr of precomputation on IBM P690, new > collisons on > > >>1024 bit messages could be generated every 15 sec. to 5 > min. MD5 should > be > > >>considered insecure and not used, and it should be EOL-ed > in existing > IETF > > >>protocols and replaced with SHA-1. > > >> > > >>SHA-1 appears to be secure after 40 rounds but has been > broken up to 40 > (it > > >>typically takes 80), which appears to be the limit > possible with the > current > > >>cryptanalysis technique. Whether its possible to break > SHA-1 completely, > > >>remains to be seen. > > >> > > >> jak > > >> > > >> > > >> > > >>_______________________________________________ > > >>Mip6 mailing list > > >>Mip6@ietf.org > > >>https://www1.ietf.org/mailman/listinfo/mip6 > > > > > >-- > > > | | Kent Leung > > > :|: :|: IP Mobility Development > > > :|||: :|||: IOS Technologies Division > > > :|||||||: :|||||||: Voice: 408.526.5030 > > >.:|||||||||:.:|||||||||:. Fax: 408.525.1653 > > > c i s c o S y s t e m s Email: kleung@cisco.com > > > > > >_______________________________________________ > > >Mip6 mailing list > > >Mip6@ietf.org > > >https://www1.ietf.org/mailman/listinfo/mip6 > > > > > > > > _______________________________________________ > Mip6 mailing list > Mip6@ietf.org > https://www1.ietf.org/mailman/listinfo/mip6 > _______________________________________________ Mip6 mailing list Mip6@ietf.org https://www1.ietf.org/mailman/listinfo/mip6
- [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds: dr… Basavaraj.Patil
- Re: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… Junghoon Jee
- Re: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… Francis Dupont
- Re: [Mip6] Comments on draft-ietf-mip6-auth-proto… Jari Arkko
- Re: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… Vijay Devarapalli
- Re: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… Charlie P
- Re: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… Kent Leung
- Re: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… James Kempf
- Re: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… Rajeev Koodli
- Re: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… Kent Leung
- Re: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… Wing Cheong Lau
- RE: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… alpesh
- RE: [Mip6] Comments on draft-ietf-mip6-auth-proto… alpesh
- Re: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… Kent Leung
- Re: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… James Kempf
- RE: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… alpesh
- [Mip6] Comments on draft-ietf-mip6-mn-ident-optio… Jari Arkko
- [Mip6] Comments on draft-ietf-mip6-auth-protocol-… Jari Arkko
- Re: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… Francis Dupont
- Re: [Mip6] Comments on draft-ietf-mip6-auth-proto… AC Mahendran
- RE: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… alpesh
- Re: [Mip6] Comments on draft-ietf-mip6-auth-proto… Charles E. Perkins
- Re: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… Francis Dupont
- Re: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… Francis Dupont
- RE: [Mip6] WG LC (Deadline Dec 18th, 04) for I-Ds… alpesh