[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ietf-msdp-spec

To: Russ Housley <housley@vigilsec.com>
Subject: Re: draft-ietf-msdp-spec
From: Alex Zinin <zinin@psg.com>
Date: Wed, 16 Apr 2003 23:18:10 -0700
Cc: iesg@ietf.org
In-reply-to: <5.2.0.9.2.20030416194030.032967f0@mail.binhost.com>
References: <5.2.0.9.2.20030416150318.02d69d98@mail.binhost.com><5.2.0.9.2.20030416132418.039b63a0@mail.binhost.com><5.2.0.9.2.20030416132418.039b63a0@mail.binhost.com><5.2.0.9.2.20030416150318.02d69d98@mail.binhost.com><5.2.0.9.2.20030416194030.032967f0@mail.binhost.com>

Russ,

> Alex:

> I got the context, but you do need to say what has been done and include 
> the reference.

Sure, we'll have a ref.

> MD5 (or TCP-MD5 as you think the authors meant to say) is 
> not really used, rip it out.

I didn't get what you mean here before I read Randy's reply to this.
You probably mean that keyed MD5 is widely know as a weak construction
and HMAC should be used instead. The reality is TCP-MD5 is used in
BGP, and MSDP followed its example.

The reason I thought about "SHOULD" is that we probably don't want to
encourage no security story at all, but at the same time, I don't
remember any major implementations actually providing any
authentication for MSDP.

Alex

References:
- Re: draft-ietf-msdp-spec
  - From: Russ Housley <housley@vigilsec.com>
- draft-ietf-msdp-spec
  - From: Russ Housley <housley@vigilsec.com>
- Re: draft-ietf-msdp-spec
  - From: Russ Housley <housley@vigilsec.com>

Prev by Date: Re: Evaluation: draft-ietf-smime-cms-rsaes-oaep - Use of the RSAES-OAEP Transport Algorithm in CMS to Proposed Standard
Next by Date: Re: draft-ietf-msdp-spec
Previous by thread: Re: draft-ietf-msdp-spec
Next by thread: draft-ietf-msdp-spec
Index(es):
- Date
- Thread