Re: [MMUSIC] draft-4572-update: Spec contains references to a number of obsoleted RFCs
Eric Rescorla <ekr@rtfm.com> Mon, 02 January 2017 18:04 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13B91128B38 for <mmusic@ietfa.amsl.com>; Mon, 2 Jan 2017 10:04:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id idSm7U4-impY for <mmusic@ietfa.amsl.com>; Mon, 2 Jan 2017 10:04:18 -0800 (PST)
Received: from mail-yw0-x22c.google.com (mail-yw0-x22c.google.com [IPv6:2607:f8b0:4002:c05::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 747EB1200A0 for <mmusic@ietf.org>; Mon, 2 Jan 2017 10:04:18 -0800 (PST)
Received: by mail-yw0-x22c.google.com with SMTP id r204so272504980ywb.0 for <mmusic@ietf.org>; Mon, 02 Jan 2017 10:04:18 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=T5bjFR/Qum2XIaLNyQh6XYe8rPcodi8Mw7BRo161j4g=; b=HNlBPdH7M5I02x087CTZ1Ex9yZYTcNRFcBRPPoSei1gV6mUFKn3mfCEivR9FdH7oNC Jz+Yqo/XJGyZcGK84AtU1G+98Nnk2U9Ws6xIFhJRcb25AG3Xmm81ykDabKxgzzfd/Yhq I0nUZSXXIuU/k8m0mghieL8/+aMDnE4Jn2Pf9EarG7Xe/b0qExB7MGx6bhliRhqoC++4 0swd2v/6znC336byh+7Y72sYHBciFUAyjiIsoUOO1t2Jn232YjbgvLUuCx638CyaDDv1 cT+XIPevCf+z0v1f/OJxkvuM373Md/GiUG444vEn9rV9aZx3OUSwJhwsVNnCgckyrKIc fIUg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=T5bjFR/Qum2XIaLNyQh6XYe8rPcodi8Mw7BRo161j4g=; b=WqG3DAcGUOd3m/GwZ4ezO2NMn6ThOU7Q2KYZGIWohhfVfP7x9sw0NwjSYDXg97LM2M IbAtULwF5nPLG+LKD58tROZQiIdvPRUko1jr3IXbAGHnl0AiCWbA4pooEKwcTAjDubHi n6D3JERGeCba/DDL+vJlw9u7R7DfXLeIGtbyO8yvpJZvN+aot9ruzM6hKvQFgjU76ddW y1578n+6Cw/ga7TMefMVum1WFGj/NUsZXgIReL8vKHDMBKPG0pAZ/DPB4Qp0/0YWYyQO R/wewleE47V+U0ln6VLHw52HSSWR6pUIW2lNIX7NOBKlglIbTWzyRXg5icsMblcc0R+1 jvMQ==
X-Gm-Message-State: AIkVDXJG0KEcojODvLETZZcauAD0Rus1zDX7dGPVx04RdXHHxxhnvCT8WyrGuhOVEJCzEZqsRUlteU5/GiJAAg==
X-Received: by 10.129.125.215 with SMTP id y206mr53582195ywc.234.1483380257652; Mon, 02 Jan 2017 10:04:17 -0800 (PST)
MIME-Version: 1.0
Received: by 10.129.164.210 with HTTP; Mon, 2 Jan 2017 10:03:37 -0800 (PST)
In-Reply-To: <7594FB04B1934943A5C02806D1A2204B4BF53260@ESESSMB209.ericsson.se>
References: <7594FB04B1934943A5C02806D1A2204B4BF50A9B@ESESSMB209.ericsson.se> <7594FB04B1934943A5C02806D1A2204B4BF50DF5@ESESSMB209.ericsson.se> <CABkgnnWLw7QPLd6qtgN1C-Pg+UHim6s=QK0EFgkYViQy8Ad2oQ@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B4BF53260@ESESSMB209.ericsson.se>
From: Eric Rescorla <ekr@rtfm.com>
Date: Mon, 02 Jan 2017 10:03:37 -0800
Message-ID: <CABcZeBNGm27Hf4mrGosjpAMOYSc2_O-4q72-HNpC5g0D_mhKzQ@mail.gmail.com>
To: Christer Holmberg <christer.holmberg@ericsson.com>
Content-Type: multipart/alternative; boundary="001a11492dfa53575105452061a6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/GMH39Ulb87Lg02mpzzv47v8pxUw>
Cc: "Jonathan Lennox (jonathan@vidyo.com)" <jonathan@vidyo.com>, "mmusic@ietf.org" <mmusic@ietf.org>, "Cullen Jennings (fluffy@iii.ca)" <fluffy@iii.ca>
Subject: Re: [MMUSIC] draft-4572-update: Spec contains references to a number of obsoleted RFCs
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Jan 2017 18:04:20 -0000
On Mon, Jan 2, 2017 at 2:41 AM, Christer Holmberg < christer.holmberg@ericsson.com> wrote: > Hi, > > >We can remove MD2. MD5 is dead, SHA-1 is in its death throes, but MD2 is > merely a >(bad) memory. > > So, my suggestion is to remove all references to MD2 (including the ABNF) > for now, and we'll then see what the security folks say about MD5 and SHA-1. > Given the threat model here, I think we want to tell people to ignore MD* (i.e., treat it as an unknown hash) and to accept SHA-1 (though perhaps only temporarily). Accordingly, I propose removing MD2 and MD5 from this grammar, but leave SHA-1. -Ekr Regards, > > Christer > > > On 30 December 2016 at 22:27, Christer Holmberg < > christer.holmberg@ericsson.com> wrote: > > Hi, > > > > > > > > Please note the following: > > > > > > > > RFC 6149, which obsoletes RFC 1319, makes MD2 historic. Do people have > > a problem with that? I assume we’ll end up in trouble with the > > security folks if we keep the old RFC… > > > > > > > > And, considering MD2 is historic, do we even need to mention it in > > draft-4572-update anymore? > > > > > > > > Regards, > > > > > > > > Christer > > > > > > > > > > > > From: mmusic [mailto:mmusic-bounces@ietf.org] On Behalf Of Christer > > Holmberg > > Sent: 30 December 2016 11:42 > > To: mmusic@ietf.org > > Cc: Jonathan Lennox (jonathan@vidyo.com) <jonathan@vidyo.com>; Cullen > > Jennings (fluffy@iii.ca) <fluffy@iii.ca> > > Subject: [MMUSIC] draft-4572-update: Spec contains references to a > > number of obsoleted RFCs > > > > > > > > Hi, > > > > > > > > The idnits check returns the following for draft-4572-update. > > > > > > > > ** Obsolete normative reference: RFC 1319 (ref. '3') (Obsoleted by RFC > > 6149) > > > > > > > > ** Downref: Normative reference to an Informational RFC: RFC 1321 (ref. > > '4') > > > > > > > > ** Obsolete normative reference: RFC 3280 (ref. '8') (Obsoleted by > > RFC > > 5280) > > > > > > > > ** Obsolete normative reference: RFC 4234 (ref. '11') (Obsoleted by > > RFC > > > > 5234) > > > > > > > > ** Obsolete normative reference: RFC 4288 (ref. '12') (Obsoleted by > > RFC > > > > 6838) > > > > > > > > ** Obsolete normative reference: RFC 4346 (ref. '13') (Obsoleted by > > RFC > > > > 5246) > > > > > > > > -- Obsolete informational reference (is this intentional?): RFC 2617 > (ref. > > > > '15') (Obsoleted by RFC 7235, RFC 7615, RFC 7616, RFC 7617) > > > > > > > > -- Obsolete informational reference (is this intentional?): RFC 3525 > (ref. > > > > '20') (Obsoleted by RFC 5125) > > > > > > > > -- Obsolete informational reference (is this intentional?): RFC 3851 > (ref. > > > > '22') (Obsoleted by RFC 5751) > > > > > > > > The reason for this is that we used RFC 4572 as base, and did not > > change/update the references. > > > > > > > > I had a look, and I don’t think there should be any issues in > > replacing the current RFCs with the new ones. But, please indicate if > you see any issues. > > > > > > > > Regards, > > > > > > > > Christer > _______________________________________________ > mmusic mailing list > mmusic@ietf.org > https://www.ietf.org/mailman/listinfo/mmusic >
- [MMUSIC] draft-4572-update: Spec contains referen… Christer Holmberg
- Re: [MMUSIC] draft-4572-update: Spec contains ref… Christer Holmberg
- Re: [MMUSIC] draft-4572-update: Spec contains ref… Martin Thomson
- Re: [MMUSIC] draft-4572-update: Spec contains ref… Christer Holmberg
- Re: [MMUSIC] draft-4572-update: Spec contains ref… Eric Rescorla
- Re: [MMUSIC] draft-4572-update: Spec contains ref… Martin Thomson
- Re: [MMUSIC] draft-4572-update: Spec contains ref… Christer Holmberg
- Re: [MMUSIC] draft-4572-update: Spec contains ref… Cullen Jennings
- Re: [MMUSIC] draft-4572-update: Spec contains ref… Cullen Jennings
- Re: [MMUSIC] draft-4572-update: Spec contains ref… Roman Shpount
- Re: [MMUSIC] draft-4572-update: Spec contains ref… Martin Thomson
- Re: [MMUSIC] draft-4572-update: Spec contains ref… Christer Holmberg
- Re: [MMUSIC] draft-4572-update: Spec contains ref… Roman Shpount
- Re: [MMUSIC] draft-4572-update: Spec contains ref… Christer Holmberg