Despite citations to SRP-6 the rfc 5054 implements 6a which doesn't have a 2 for 1 attack.
It does however use SHA1 hardcoded. Probably not a good idea. We seem to have thought there were other draft issues as well though. Sincerely, Watson Ladd
_______________________________________________ dns-privacy mailing list dns-privacy@ietf.org https://www.ietf.org/mailman/listinfo/dns-privacy