On Monday, January 16, 2012 03:44:08 PM Murray S. Kucherawy wrote: ... > b) Add even more explanatory text so that the reader has it clear that we > are not attempting to completely secure something here, and acknowledge > fully that there are weaknesses in our algorithm. (The Wikipedia page for > HMAC gives a pretty good description of the comparison and attacks.) > > c) Attempt to argue that it's good enough as it is, and that's how we want > it. ...
Either B or C would be my preference. Scott K _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
