Re: [smime] [saag] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt]
"Santosh Chokhani" <SChokhani@cygnacom.com> Wed, 07 July 2010 17:17 UTC
Return-Path: <SChokhani@cygnacom.com>
X-Original-To: smime@core3.amsl.com
Delivered-To: smime@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 478F63A6887; Wed, 7 Jul 2010 10:17:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oq7sQU1v2YKU; Wed, 7 Jul 2010 10:17:15 -0700 (PDT)
Received: from mail166.messagelabs.com (mail166.messagelabs.com [216.82.253.163]) by core3.amsl.com (Postfix) with SMTP id 4462B3A685B; Wed, 7 Jul 2010 10:17:14 -0700 (PDT)
X-VirusChecked: Checked
X-Env-Sender: SChokhani@cygnacom.com
X-Msg-Ref: server-3.tower-166.messagelabs.com!1278523034!27516574!1
X-StarScan-Version: 6.2.4; banners=-,-,-
X-Originating-IP: [65.242.48.25]
Received: (qmail 12968 invoked from network); 7 Jul 2010 17:17:15 -0000
Received: from unknown (HELO scygexch1.cygnacom.com) (65.242.48.25) by server-3.tower-166.messagelabs.com with SMTP; 7 Jul 2010 17:17:15 -0000
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
X-MimeOLE: Produced By Microsoft Exchange V6.5
Date: Wed, 07 Jul 2010 13:17:14 -0400
Message-ID: <FAD1CF17F2A45B43ADE04E140BA83D4801060605@scygexch1.cygnacom.com>
In-Reply-To: <4C335C75.7070508@ieca.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [saag] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt]
Thread-Index: AcsdKfgzqsB/uxx1TUS1IAJUwQMjagArsSqw
References: <4C10E308.9060503@ieca.com> <4C335C75.7070508@ieca.com>
From: Santosh Chokhani <SChokhani@cygnacom.com>
To: Sean Turner <turners@ieca.com>, saag@ietf.org, smime@ietf.org, pkix@ietf.org, cfrg@irtf.org
Subject: Re: [smime] [saag] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt]
X-BeenThere: smime@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: SMIME Working Group <smime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/smime>, <mailto:smime-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/smime>
List-Post: <mailto:smime@ietf.org>
List-Help: <mailto:smime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/smime>, <mailto:smime-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Jul 2010 17:17:17 -0000
Sean, It may be worth discussing DSSC (RFC 5698) from LTANS WG that provides a capability to specify suitable crypto algorithms. > -----Original Message----- > From: saag-bounces@ietf.org [mailto:saag-bounces@ietf.org] On Behalf Of > Sean Turner > Sent: Tuesday, July 06, 2010 12:40 PM > To: saag@ietf.org; smime@ietf.org; pkix@ietf.org; cfrg@irtf.org > Subject: Re: [saag] [Fwd: I-D ACTION:draft-turner-md2-to-historic- > 00.txt] > > To summarize the comments I received on this I-D: > > 1) Finally! > > 2) Is there any precedent with moving informational to historic. > > Russ suggested I ask Scott Bradner what he thought about this. His > response (repeated here with permission): > > "1/ my personal view is that historic should be only used for > cases where we want to say 'do not use' > > 2/ seems like a reasonable thing to do in this case > > fwiw, I have always felt that it is important to document > any such move that is done for a real reason (not just because > people think it is not used) with a RFC" > > I'd consider this support for moving informational RFCs to historic. > > 3) Why target MD2? > > This was really a trial balloon. I'm planning on doing something with > MD4 and MD5 too ;) > > 4) It's better to have a security algorithms roadmap. > > I tend to agree, but I thought I was shooting for the low hanging > fruit. > > 5) Remove keywords and delete obsolete references. > > Anything to track less references is a good thing! > > 6) Do an updates document instead, because there might still be other > uses for MD2/MD4/MD5 that don't require collision resistance (e.g., > HMAC). > > I'd like to treat MD2/MD4/MD5 the same, but some HMAC uses are > probably still okay for a little while (at least that what's I'm > turning up through research). But, I can't really see us saying that > HAMC-MD2 and HMAC-MD4 are okay to keep using in the mid/long term. I > think we ought to be saying "jump off the sinking ship now" because it > takes a while for crypto to go away just like it does to get fielded. > Luckily, there are only a few places where HMAC-MD2 or HMAC-MD4 are > specified. MD5/HMAC-MD5 is another story. I like the idea of just > updating MD5's security considerations to say don't use MD5 if you > need collision resistance and that it is (or is probably) okay for > HMAC. > > I updated the md2-to-historic I-D > (http://datatracker.ietf.org/doc/draft-turner-md2-to-historic/) to > actually talk about attacks against MD2 and submitted a similar draft > for MD4 (http://datatracker.ietf.org/doc/draft-turner-md4-to- > historic/). > I also submitted one that updates the MD5 security considerations > (http://datatracker.ietf.org/doc/draft-turner-md5-seccon-update/). > Comments on all are welcome. > > spt > > Sean Turner wrote: > > (apologies if you get this multiple times) > > > > I'm looking for feedback on this draft that proposes moving MD2 to > > historic status. > > > > Thanks, > > > > spt > > > > --------------------------------------------------------------------- > --- > > > > Subject: > > I-D ACTION:draft-turner-md2-to-historic-00.txt > > From: > > Internet-Drafts@ietf.org > > Date: > > Wed, 9 Jun 2010 15:00:02 -0700 (PDT) > > To: > > i-d-announce@ietf.org > > > > To: > > i-d-announce@ietf.org > > > > > > A New Internet-Draft is available from the on-line Internet-Drafts > > directories. > > > > > > Title : MD2 to Historic Status > > Author(s) : S. Turner > > Filename : draft-turner-md2-to-historic-00.txt > > Pages : 6 > > Date : 2010-6-8 > > > > This document recommends the retirement of MD2 and discusses the > > reasons for doing so. This document recommends RFC 1319 be moved > to > > Historic status. > > > > > > A URL for this Internet-Draft is: > > http://www.ietf.org/internet-drafts/draft-turner-md2-to-historic- > 00.txt > > > > Internet-Drafts are also available by anonymous FTP at: > > ftp://ftp.ietf.org/internet-drafts/ > > > > Below is the data which will enable a MIME compliant mail reader > > implementation to automatically retrieve the ASCII version of the > > Internet-Draft. > > > > > > --------------------------------------------------------------------- > --- > > > > _______________________________________________ > > I-D-Announce mailing list > > I-D-Announce@ietf.org > > https://www.ietf.org/mailman/listinfo/i-d-announce > > Internet-Draft directories: http://www.ietf.org/shadow.html > > or ftp://ftp.ietf.org/ietf/1shadow-sites.txt > > > > > > > > > > > > > > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag
- [smime] [Fwd: I-D ACTION:draft-turner-md2-to-hist… Sean Turner
- Re: [smime] [Cfrg] [Fwd: I-D ACTION:draft-turner-… Peter Gutmann
- Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-… Simon Josefsson
- Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-… Sean Turner
- Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-… Simon Josefsson
- Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-… Simon Josefsson
- Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-… Simon Josefsson
- Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-… Simon Josefsson
- Re: [smime] [Cfrg] [Fwd: I-D ACTION:draft-turner-… Len Sassaman
- Re: [smime] [saag] [Fwd: I-D ACTION:draft-turner-… Joe Touch
- Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-… Len Sassaman
- Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-… Len Sassaman
- Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-… Dr Stephen Henson
- Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-… Simon Josefsson
- Re: [smime] [saag] [Fwd: I-D ACTION:draft-turner-… Santosh Chokhani
- Re: [smime] [pkix] [Fwd: I-D ACTION:draft-turner-… Peter Gutmann
- Re: [smime] [Cfrg] [Fwd: I-D ACTION:draft-turner-… Peter Gutmann
- Re: [smime] [Cfrg] [Fwd: I-D ACTION:draft-turner-… Len Sassaman
- Re: [smime] [pkix] [Fwd: I-D ACTION:draft-turner-… Tom Gindin
- Re: [smime] [saag] [Fwd: I-D ACTION:draft-turner-… SM
- Re: [smime] [pkix] [saag] [Fwd: I-D ACTION:draft-… Andrea Caccia
- Re: [smime] [saag] [Fwd: I-D ACTION:draft-turner-… Sean Turner
- Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-… Sean Turner
- Re: [smime] [saag] [Fwd: I-D ACTION:draft-turner-… Santosh Chokhani