On Sun, 28 Sep 2008 21:14:34 -0700, Paul Hoffman [EMAIL PROTECTED] said:
Overall I think the changes seem reasonable. However, I don't think
everything is taken into account... I understand the desire for
removing the specified timing associated with key-age based on modern
analysis. But
- Original Message -
From: Paul Hoffman [EMAIL PROTECTED]
To: dnsop@ietf.org
Sent: Sunday, September 28, 2008 9:15 PM
Subject: [DNSOP] Proposed changes to RFC 4641: better cryptography
Remove the second bullet in 3.1.1
In 3.2, add a reference to NIST SP 800-90 after the reference
On Sun, 28 Sep 2008, Paul Hoffman wrote:
An attack can only be used if the compromise is unnoticed
and the attacker can act as an MITM in an unnoticed way.
Not at all. Even when noticed, there is still the time before the
majority of the world has fixed the compromised use for which there
are