Re: [secdir] Review of draft-ietf-opsec-routing-protocols-crypto-issues-04
Sam Hartman <hartmans-ietf@mit.edu> Thu, 27 May 2010 18:48 UTC
Return-Path: <hartmans@mit.edu>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8A7F93A68A5 for <secdir@core3.amsl.com>; Thu, 27 May 2010 11:48:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.68
X-Spam-Level:
X-Spam-Status: No, score=-1.68 tagged_above=-999 required=5 tests=[AWL=0.585, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QDQLNtTBpQIe for <secdir@core3.amsl.com>; Thu, 27 May 2010 11:48:22 -0700 (PDT)
Received: from mail.suchdamage.org (permutation-city.suchdamage.org [69.25.196.28]) by core3.amsl.com (Postfix) with ESMTP id 369CE3A690E for <secdir@ietf.org>; Thu, 27 May 2010 11:48:22 -0700 (PDT)
Received: from carter-zimmerman.suchdamage.org (carter-zimmerman.suchdamage.org [69.25.196.178]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "laptop", Issuer "laptop" (not verified)) by mail.suchdamage.org (Postfix) with ESMTPS id 9D976202FB; Thu, 27 May 2010 14:48:10 -0400 (EDT)
Received: by carter-zimmerman.suchdamage.org (Postfix, from userid 8042) id A5C5443EF; Thu, 27 May 2010 14:47:40 -0400 (EDT)
From: Sam Hartman <hartmans-ietf@mit.edu>
To: Nicolas Williams <Nicolas.Williams@oracle.com>
References: <20100520172310.GQ9605@oracle.com>
Date: Thu, 27 May 2010 14:47:40 -0400
In-Reply-To: <20100520172310.GQ9605@oracle.com> (Nicolas Williams's message of "Thu, 20 May 2010 12:23:11 -0500")
Message-ID: <tsl632918s3.fsf@mit.edu>
User-Agent: Gnus/5.110009 (No Gnus v0.9) Emacs/22.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Cc: shares@nexthop.com, jjaeggli@checkpoint.com, manav.bhatia@alcatel-lucent.com, vishwas@ipinfusion.com, secdir@ietf.org
Subject: Re: [secdir] Review of draft-ietf-opsec-routing-protocols-crypto-issues-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 May 2010 18:48:23 -0000
>>>>> "Nicolas" == Nicolas Williams <Nicolas.Williams@oracle.com> writes: Nicolas> I have reviewed this document as part of the security Nicolas> directorate's ongoing effort to review all IETF documents Nicolas> being processed by the IESG. Document editors and WG chairs Nicolas> should treat these comments just like any other last call Nicolas> comments. Nicolas> This document aims to be an Informational RFC describing Nicolas> security problems with various routing protocols. Nicolas> Aside from various spelling and other nits that the Nicolas> RFC-Editor can easily handle, I have no issues with this Nicolas> document and it is ready for publication. This document talks a lot about collision attacks against MD5 and then draws the conclusion that MD5 should not be used as part of a MAC. I agree that it is prudent to provide alternatives to MD5. However, I think the current text implies that collision attacks against MD5 are applicable to attacks against the use of MD5 in routing protocols. There is an introductory section that describes the difference between pre image and collision attacks, but the rest of the document seems to ignore the advice of that section.
- [secdir] Review of draft-ietf-opsec-routing-proto… Nicolas Williams
- Re: [secdir] Review of draft-ietf-opsec-routing-p… Sam Hartman
- Re: [secdir] Review of draft-ietf-opsec-routing-p… Sandra Murphy
- Re: [secdir] Review of draft-ietf-opsec-routing-p… Nicolas Williams
- Re: [secdir] Review of draft-ietf-opsec-routing-p… Sandra Murphy
- Re: [secdir] Review of draft-ietf-opsec-routing-p… Sandra Murphy
- Re: [secdir] Review of draft-ietf-opsec-routing-p… Nicolas Williams
- Re: [secdir] Review of draft-ietf-opsec-routing-p… Sam Hartman
- Re: [secdir] Review of draft-ietf-opsec-routing-p… Sam Hartman
- Re: [secdir] Review of draft-ietf-opsec-routing-p… Sam Hartman
- Re: [secdir] Review of draft-ietf-opsec-routing-p… Sandra Murphy
- Re: [secdir] Review of draft-ietf-opsec-routing-p… Sam Hartman
- Re: [secdir] Review of draft-ietf-opsec-routing-p… Sam Hartman
- Re: [secdir] Review of draft-ietf-opsec-routing-p… Bhatia, Manav (Manav)
- Re: [secdir] Review of draft-ietf-opsec-routing-p… Bhatia, Manav (Manav)
- Re: [secdir] Review of draft-ietf-opsec-routing-p… Bhatia, Manav (Manav)