Hi, where are we with regards to resolving this discuss?
Lars On 2010-9-9, at 19:51, Roland Bless wrote: > Hi Russ, > > On 09.09.2010 16:56, Russ Housley wrote: >> Will any implementations be impacted? If not, we should ask the >> Security ADs for their best suggestion. > > At least we have one implementation, but it's nothing that > we couldn't change easily. So getting advice from the security > ADs would be good. RFC4270 recommends to change to > HMAC-SHA-256+, but I don't know whether there exist already better > alternatives. > > Regards, > Roland > >> On 9/8/2010 7:24 PM, Roland Bless wrote: >>>> -- section 4.1.1, 2nd paragraph: >>>>> >>>>> Is HMAC-MD5 still a reasonable choice for a single mandatory-to-implement >>>>> algorithm these days? >>> Good question. I thought that HMACs are not so strongly >>> affected by the discovered hash algorithm weaknesses w.r.t. collision >>> attacks. I could change this to HMAC-SHA-256 though. Any >>> other suggestions? >>> > > _______________________________________________ > Gen-art mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/gen-art
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Ietf mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf
