[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Continued discussion of RADIUS Crypto-Agility

To: Bernard Aboba <bernard_aboba@hotmail.com>
Subject: Re: Continued discussion of RADIUS Crypto-Agility
From: Leif Johansson <leifj@it.su.se>
Date: Thu, 09 Aug 2007 09:41:53 +0200
Cc: stefan.winter@restena.lu, radiusext@ops.ietf.org
In-reply-to: <BAY117-F26C4559B8BBC0AAA8557FE93E00@phx.gbl>
References: <BAY117-F26C4559B8BBC0AAA8557FE93E00@phx.gbl>
User-agent: Thunderbird 1.5.0.12 (X11/20070604)

Bernard Aboba wrote:
>> The wg should (imho) explicitly state if the issue is getting rid of MD5
>> or getting rid of MD5 at the same time as a whole bunch of other
>> things are done. That will probably make this process go a whole lot
>> easier.
>
> David has posted the set of requirements that a solution needs to
> meet.  Beyond those, the WG can also take into account other desirable
> security characteristics in making a determination.
>
Draft?
> However, in doing so, I would warn against feature creep.  RADIUS has
> succeeded largely because of its simplicity and modest footprint.  So
> the goal is to address the crypto-agility issue with a minimum of
> unrelated changes.
>
Very wise.

    Cheers Leif


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Follow-Ups:
- RE: Continued discussion of RADIUS Crypto-Agility
  - From: "Romascanu, Dan (Dan)" <dromasca@avaya.com>

References:
- Re: Continued discussion of RADIUS Crypto-Agility
  - From: "Bernard Aboba" <bernard_aboba@hotmail.com>

Prev by Date: Re: Continued discussion of RADIUS Crypto-Agility
Next by Date: RE: Continued discussion of RADIUS Crypto-Agility
Previous by thread: Re: Continued discussion of RADIUS Crypto-Agility
Next by thread: RE: Continued discussion of RADIUS Crypto-Agility
Index(es):
- Date
- Thread