Re: [secdir] Review of draft-ietf-opsec-routing-protocols-crypto-issues-04

Sam Hartman <> Thu, 27 May 2010 18:48 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 8A7F93A68A5 for <>; Thu, 27 May 2010 11:48:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.68
X-Spam-Status: No, score=-1.68 tagged_above=-999 required=5 tests=[AWL=0.585, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id QDQLNtTBpQIe for <>; Thu, 27 May 2010 11:48:22 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 369CE3A690E for <>; Thu, 27 May 2010 11:48:22 -0700 (PDT)
Received: from ( []) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "laptop", Issuer "laptop" (not verified)) by (Postfix) with ESMTPS id 9D976202FB; Thu, 27 May 2010 14:48:10 -0400 (EDT)
Received: by (Postfix, from userid 8042) id A5C5443EF; Thu, 27 May 2010 14:47:40 -0400 (EDT)
From: Sam Hartman <>
To: Nicolas Williams <>
References: <>
Date: Thu, 27 May 2010 14:47:40 -0400
In-Reply-To: <> (Nicolas Williams's message of "Thu, 20 May 2010 12:23:11 -0500")
Message-ID: <>
User-Agent: Gnus/5.110009 (No Gnus v0.9) Emacs/22.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Subject: Re: [secdir] Review of draft-ietf-opsec-routing-protocols-crypto-issues-04
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 27 May 2010 18:48:23 -0000

>>>>> "Nicolas" == Nicolas Williams <> writes:

    Nicolas> I have reviewed this document as part of the security
    Nicolas> directorate's ongoing effort to review all IETF documents
    Nicolas> being processed by the IESG. Document editors and WG chairs
    Nicolas> should treat these comments just like any other last call
    Nicolas> comments.

    Nicolas> This document aims to be an Informational RFC describing
    Nicolas> security problems with various routing protocols.

    Nicolas> Aside from various spelling and other nits that the
    Nicolas> RFC-Editor can easily handle, I have no issues with this
    Nicolas> document and it is ready for publication.

This document talks a lot about collision attacks against MD5 and then
draws the conclusion that MD5 should not be used as part of a MAC.  I
agree that it is prudent to provide alternatives to MD5.  However, I
think the current text implies that collision attacks against MD5 are
applicable to attacks against the use of MD5 in routing protocols.

There is an introductory section that describes the difference between
pre image and collision attacks, but the rest of the document seems to
ignore the advice of that section.