[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ietf-msdp-spec-19

To: Alex Zinin <zinin@psg.com>
Subject: Re: draft-ietf-msdp-spec-19
From: "Steven M. Bellovin" <smb@research.att.com>
Date: Wed, 28 May 2003 15:37:32 -0400
Cc: Russ Housley <housley@vigilsec.com>, iesg@ietf.org

In message <62406211000.20030528123150@psg.com>, Alex Zinin writes:
>Russ,
>
>>    I accept that Keyed MD5 as specified in RFC 2385 is the current
>> practice.  The security considerations ought to be updated to encourage a 
>> more robust authentication mechanism, preferably HMAC-SHA1.
>
>It would be ok for us to get back to the WG with this if the spec was
>going STD track.
>
>In this case, the WG is ready to disband and the spec documents what's
>been implemented and deployed, yet is only an interim step. Given
>this, it seems that investing more effort into it is not worthwhile
>or maybe even relevant (few implementations do even MD5 today.)
>
>Can we let this one go?

I'm happy with the current text.  

		--Steve Bellovin, http://www.research.att.com/~smb (me)
		http://www.wilyhacker.com (2nd edition of "Firewalls" book)

Prev by Date: Re: Evaluation: draft-ietf-printmib-mib-info - Printer MIB v2 to Proposed Standard
Next by Date: Re: draft-legg-ldap-gser-abnf-06.txt and friends
Previous by thread: Re: draft-ietf-msdp-spec-19
Next by thread: draft-ietf-printmib-finishing-16
Index(es):
- Date
- Thread