Re: [sipcore] I-D Action: draft-ietf-sipcore-digest-scheme-14.txt

Paul Kyzivat <pkyzivat@alum.mit.edu> Thu, 31 October 2019 21:55 UTC

Return-Path: <pkyzivat@alum.mit.edu>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 06BFB120A8C for <sipcore@ietfa.amsl.com>; Thu, 31 Oct 2019 14:55:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=alum.mit.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wR9AKcb2MoVB for <sipcore@ietfa.amsl.com>; Thu, 31 Oct 2019 14:55:27 -0700 (PDT)
Received: from NAM05-CO1-obe.outbound.protection.outlook.com (mail-eopbgr720040.outbound.protection.outlook.com [40.107.72.40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 460E0120A13 for <sipcore@ietf.org>; Thu, 31 Oct 2019 14:55:27 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MZxvQsHX0BHmrKcq1BkIdgpg0aHTI7OYQ9exvyDD6EvPv6kOseNZ6jwyrj6ApbM0icpDs7sJ+GlCXWFXQ70CrC7oauXcHBLA0hUmDGIJDuqbkvwujhZa8PQKlnSb1ti8S6UOANcr/dWhTB2iiojNT9ffNyl/Kt98DSXAQoBfZbj20hvSJYMkxSPX06Ts5JJPG6fDjN16cFipXO4Hqq1BOi4cQJ1hBkA5ChgcB01n+CeaDCVPCxPE/Vd75dK3UjQxbae1j6d1lN0U9mXJpoO0bALrrnActoio9EnnQXMRbNEvOeXbgje+I6iyxQedXv+VLBlz/kaTFT4fSFoPR+1qWA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uQpofihoAvJooTdSTsTtPrX+BpsitXIko2TklHhcx5U=; b=D73WEUdsKb395kPyxo30DNzTXvO3mnaB2wPAqMKDwBmg4xrVanJNwlWrIvHxPPRiB5w0ah9ShaMas/uxD3y8911+DFt0bWaTkuQvtyOEQxLbKe9KQww5RPyG7ZqNN4rPqDT9/FAg6imFjnPYvas1+qGiZVk/Kqh7Fn4+3A8KMjUkdPXN9FuxT2Q9RcqD4SL1/LydgD45AhPzVMJCQWiEDrc9cKH50jv0iWjkemdInII33obBaQrhDH549Cll5ZQ6JxGNQEnLNgn6toCaKDlqd+J2Mz3q9CK9yJoopz54F9HDy/LIzJOm7kZxpfc+wwG0zk5rTW9Bg3PX848JWMP/rg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 18.7.68.33) smtp.rcpttodomain=ietf.org smtp.mailfrom=alum.mit.edu; dmarc=bestguesspass action=none header.from=alum.mit.edu; dkim=none (message not signed); arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alum.mit.edu; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uQpofihoAvJooTdSTsTtPrX+BpsitXIko2TklHhcx5U=; b=bUxFv+rCQ7ujHPKtXY/RqQVmEPYEk5vwgnmixZLWxVUduakC9UZKe6n/Y/L9pnl4ooqdNUU2uhYHTsAexMMc4MgIgkC6MYC9PH9Hgh+mYpRkdBTmgndI2hORMCsF1UGvYDuHDJurkkph/hREYcf59UEZx1t7VoqYsSaw68f+MPE=
Received: from DM3PR12CA0053.namprd12.prod.outlook.com (2603:10b6:0:56::21) by CH2PR12MB3752.namprd12.prod.outlook.com (2603:10b6:610:15::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2387.24; Thu, 31 Oct 2019 21:55:26 +0000
Received: from SN1NAM02FT057.eop-nam02.prod.protection.outlook.com (2a01:111:f400:7e44::207) by DM3PR12CA0053.outlook.office365.com (2603:10b6:0:56::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2408.20 via Frontend Transport; Thu, 31 Oct 2019 21:55:26 +0000
Authentication-Results: spf=pass (sender IP is 18.7.68.33) smtp.mailfrom=alum.mit.edu; ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=bestguesspass action=none header.from=alum.mit.edu;
Received-SPF: Pass (protection.outlook.com: domain of alum.mit.edu designates 18.7.68.33 as permitted sender) receiver=protection.outlook.com; client-ip=18.7.68.33; helo=outgoing-alum.mit.edu;
Received: from outgoing-alum.mit.edu (18.7.68.33) by SN1NAM02FT057.mail.protection.outlook.com (10.152.73.105) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2387.20 via Frontend Transport; Thu, 31 Oct 2019 21:55:25 +0000
Received: from Kokiri.localdomain (c-24-62-227-142.hsd1.ma.comcast.net [24.62.227.142]) (authenticated bits=0) (User authenticated as pkyzivat@ALUM.MIT.EDU) by outgoing-alum.mit.edu (8.14.7/8.12.4) with ESMTP id x9VLtNAv021060 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT) for <sipcore@ietf.org>; Thu, 31 Oct 2019 17:55:24 -0400
To: sipcore@ietf.org
References: <157252797201.30364.11393682991189471576@ietfa.amsl.com> <CAH7qZftz8dE0Jm8Mg8gYseqPxtn40jywUuf_6AaFTPJV_g=aqw@mail.gmail.com>
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
Message-ID: <413a75e5-7aa9-9940-70d2-2aa4596f78f8@alum.mit.edu>
Date: Thu, 31 Oct 2019 17:55:23 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:60.0) Gecko/20100101 Thunderbird/60.9.0
MIME-Version: 1.0
In-Reply-To: <CAH7qZftz8dE0Jm8Mg8gYseqPxtn40jywUuf_6AaFTPJV_g=aqw@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:18.7.68.33; IPV:CAL; SCL:-1; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10009020)(136003)(346002)(396003)(376002)(39860400002)(85644002)(18543002)(199004)(189003)(70206006)(70586007)(6916009)(31696002)(316002)(6246003)(7596002)(478600001)(26826003)(65956001)(65806001)(229853002)(75432002)(50466002)(2351001)(8676002)(76130400001)(246002)(2361001)(8936002)(31686004)(305945005)(5660300002)(2870700001)(336012)(58126008)(486006)(106002)(956004)(11346002)(36906005)(786003)(88552002)(47776003)(76176011)(4744005)(2906002)(446003)(2486003)(126002)(2616005)(186003)(53546011)(476003)(356004)(23676004)(26005)(86362001); DIR:OUT; SFP:1101; SCL:1; SRVR:CH2PR12MB3752; H:outgoing-alum.mit.edu; FPR:; SPF:Pass; LANG:en; PTR:outgoing-alum.mit.edu; A:1; MX:1;
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 385c3a1b-19ee-4d0c-f697-08d75e4d0918
X-MS-TrafficTypeDiagnostic: CH2PR12MB3752:
X-Microsoft-Antispam-PRVS: <CH2PR12MB37521A6335627E12217B1EA7F9630@CH2PR12MB3752.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
X-Forefront-PRVS: 02070414A1
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: z1lyW1K+tMdbaLAOQAaXKVoYsr7XTPcAoTsLs6Ca5IfmfXFeEigVDmTkhHm25Zn6cKNOqSwhR9NT6bUwWW41dQk8SBMo6e4P2oK8q5pmlX63VVakDD4qWkgUpgs/mGiych/5AEG0IzWGvH+QWkGQIFcEgoVxv5vEr+IyVI1w2YU0+MlPOI/MS1MT0JLNlsFIzmJOC/q/u86aT7ABJW9nBnDoMeWBgW9dE8ChPEPQhNnH8VMeAIhItV3FtV1tKYCuDQyKzZzkJXAlTrCKF+ZaevcKCE+7Po6g0xlxbhpvVEtTLzudHqX/Ofta6orm4zWP+7o5ems8IPKYmG5uXsefrvRbX27UDmMe+BbGvk3kl8wmidx4kxWnYeFBvnSyr5Xpmd+JrfoX+CNRb60n0wAd/Y1smXWc5lMb/93bEkyYGwhLxH5+GFhMATGNBxvzvYv6
X-OriginatorOrg: alum.mit.edu
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 31 Oct 2019 21:55:25.1816 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 385c3a1b-19ee-4d0c-f697-08d75e4d0918
X-MS-Exchange-CrossTenant-Id: 3326b102-c043-408b-a990-b89e477d582f
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3326b102-c043-408b-a990-b89e477d582f; Ip=[18.7.68.33]; Helo=[outgoing-alum.mit.edu]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB3752
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/-DsSUvWmVWvQ-X-lU-uzvnsswdA>
Subject: Re: [sipcore] I-D Action: draft-ietf-sipcore-digest-scheme-14.txt
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sipcore/>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Oct 2019 21:55:30 -0000

On 10/31/19 1:37 PM, Maxim Sobolev wrote:
> Hi, I am new here, so not sure what the proper process is, but there are 
> few comments I have with regards to the proposed RFC:
> 
> 1. In the Abstract section there is a phrase "the broken MD5 algorithm". 
> I think "broken" might be a bit strong and emotionally charged. There is 
> nothing broken about MD5 as far as hashing algorithm is concerned. It is 
> proven to be not very secure in this day and age, but given the right 
> amount of time any today's algorithm would probably be in that category.

This is a good point. MD5 is simply obsolete, not broken.

	Thanks,
	Paul