For this issue, I thought maybe it would be worth its own thread, but I also
submitted an issue for it [0]. Do not be alarmed; I think there is an easy fix.
In ’09 when RFC 5488 was published, the following was true:
    We assume that SHA-256 is at least as secure as SHA-1.
But, sometime later in ’09 the wheels started to come off / came off of SHA-1
(but not SHA-256). Later, the IETF published RFC 6194 that basically said
SHA-1 is no-go unless it is used with HMAC. Since EAP-AKA and EAP-AKA’ use
HMAC, should we tweak this sentence to mention HMAC? e.g.,
    We assume that HMAC SHA-256 is at least as secure as HMAC SHA-1.
We could also add a reference to RFC6194 assuming s3.3 still holds true?
Or should we rename the assumption the HMAC-SHA-256 assumption?
Cheers,
spt
[0] https://github.com/emu-wg/draft-ietf-emu-rfc5448bis/issues/10
_______________________________________________
Emu mailing list
https://www.ietf.org/mailman/listinfo/emu