Re: [secdir] Request for early review of draft-bryan-http-digest-algorithm-values-update
Uri Blumenthal <uri@MIT.EDU> Tue, 13 October 2009 17:31 UTC
Return-Path: <uri@MIT.EDU>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 697A13A697C for <secdir@core3.amsl.com>; Tue, 13 Oct 2009 10:31:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.185
X-Spam-Level:
X-Spam-Status: No, score=-4.185 tagged_above=-999 required=5 tests=[BAYES_40=-0.185, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gwQPy+2jjiiT for <secdir@core3.amsl.com>; Tue, 13 Oct 2009 10:31:02 -0700 (PDT)
Received: from south-station-annex.mit.edu (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by core3.amsl.com (Postfix) with ESMTP id 26BDB3A690D for <secdir@ietf.org>; Tue, 13 Oct 2009 10:31:01 -0700 (PDT)
Received: from central-city-carrier-station.mit.edu (CENTRAL-CITY-CARRIER-STATION.MIT.EDU [18.7.7.72]) by south-station-annex.mit.edu (8.13.6/8.9.2) with ESMTP id n9DHUYqq016221; Tue, 13 Oct 2009 13:30:48 -0400 (EDT)
Received: from outgoing-legacy.mit.edu (OUTGOING-LEGACY.MIT.EDU [18.7.22.104]) by central-city-carrier-station.mit.edu (8.13.6/8.9.2) with ESMTP id n9DGxmNl008596; Tue, 13 Oct 2009 12:59:53 -0400 (EDT)
Received: from webmail-6.mit.edu (WEBMAIL-6.MIT.EDU [18.9.23.16]) ) by outgoing-legacy.mit.edu (8.13.6/8.12.4) with ESMTP id n9DGxg0M011394; Tue, 13 Oct 2009 12:59:43 -0400 (EDT)
Received: from webmail-6.mit.edu (webmail-6.mit.edu [127.0.0.1]) by webmail-6.mit.edu (8.13.8) with ESMTP id n9DGoi5u002610; Tue, 13 Oct 2009 12:50:44 -0400
Received: (from nobody@localhost) by webmail-6.mit.edu (8.13.8/8.13.8/Submit) id n9DGoi0e002608; Tue, 13 Oct 2009 12:50:44 -0400
X-Authentication-Warning: webmail-6.mit.edu: nobody set sender to uri@mit.edu using -f
Received: from LLPROXY.LL.MIT.EDU (LLPROXY.LL.MIT.EDU [129.55.200.20]) (User authenticated as uri@ATHENA.MIT.EDU) by webmail.mit.edu (Horde MIME library) with HTTP; Tue, 13 Oct 2009 12:50:44 -0400
Message-ID: <20091013125044.szphqm8fb4s80gk8@webmail.mit.edu>
X-Priority: 3 (Normal)
Date: Tue, 13 Oct 2009 12:50:44 -0400
From: Uri Blumenthal <uri@MIT.EDU>
To: Anthony Bryan <anthonybryan@gmail.com>
References: <bb9e09ee0910122326o2c61fcfat5a03e5ba8c2a38aa@mail.gmail.com>
In-Reply-To: <bb9e09ee0910122326o2c61fcfat5a03e5ba8c2a38aa@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
User-Agent: Internet Messaging Program (IMP) H3 (4.0.3)
X-Scanned-By: MIMEDefang 2.42
Cc: secdir@ietf.org
Subject: Re: [secdir] Request for early review of draft-bryan-http-digest-algorithm-values-update
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Oct 2009 17:31:03 -0000
I've reviewed this draft. It just adds more hash functions to HTTP Digest mechanism, and as such - does not add any security exposures beyond those discussed in RFC 3230 and 2617. I'm OK with it. Quoting Anthony Bryan <anthonybryan@gmail.com>: > Lisa Dusseault suggested I ask for early review here. All help is > appreciated! > > A new version of I-D, > draft-bryan-http-digest-algorithm-values-update-01.txt has been > successfuly submitted by Anthony Bryan and posted to the IETF > repository. > > Filename: draft-bryan-http-digest-algorithm-values-update > Revision: 01 > Title: Hypertext Transfer Protocol (HTTP) Digest Algorithm > Values Registry Update > Creation_date: 2009-10-07 > WG ID: Independent Submission > Number_of_pages: 5 > > Abstract: > [RFC3230] created the IANA registry named "Hypertext Transfer > Protocol (HTTP) Digest Algorithm Values" which defines values for > digest algorithms used in HTTP. This draft adds new values to the > registry and updates previous values. > > -- > (( Anthony Bryan ... Metalink [ http://www.metalinker.org ] > )) Easier, More Reliable, Self Healing Downloads > _______________________________________________ > secdir mailing list > secdir@ietf.org > https://www.ietf.org/mailman/listinfo/secdir >
- [secdir] Request for early review of draft-bryan-… Anthony Bryan
- Re: [secdir] Request for early review of draft-br… Uri Blumenthal