In message <[EMAIL PROTECTED]>, Sam Hartman writes:
>
>
>Hi, folks. The IESG has received a last call comment recommending
>that the new rc4 cipher for ssh be published as informational rather
>than as a proposed standard because of weaknesses in rc4. It would be
>inappropriate to make a decision based on one comment so I am
>soliciting comments on this point.
>
>The argument in favor of publishing this document at proposed is that
>the existing arcfour cipher is part of a standard and that many other
>IETF protocols use rc4 in standards track documents.
>
Correct me if I'm wrong, but the serious problems with RC4 that I know
of are related-key attacks. Those don't occur in, say, secsh or TLS.
This draft improves the situation somewhat, and is thus good. That
said, I see no problem with strengthening the security considerations
section to cite some of these other references. (Arguably, though,
those citations belong in a different document on RC4.)
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb