On 06/06/11 14:54, Randy Bush wrote: >> So I've been thinking a little about this. First, I do not >> know of any practical md5 preimage attacks so far, however, >> if we allow tcp-md5 in this spec, we're effectively betting >> that that will remain the case for a few years at least and >> that's not a bet with which I'd be happy when we do have >> stronger options that are already specified. > > let me try again. > > while i agree with you philosophically, packets do not move very well on > 'specified.'
That's a fair point and is why I said the 2nd point is more important. The 2nd point being that it looks to me like tcp-md5 is just broken for this use case. If I'm wrong there I'll happily admit that. > and unless someone throws a lot of cash at it, AO looks as > if is likely not to be available for a long on the set of platforms > operators use for services, *BSD, Linux, and Solaris. I do understand that that's a problem. I don't however understand fully why SSH is being ruled out. All I saw on the list were a couple of mails saying that you can't use epoll which I'd have thought was a bit of a bummer but not a showstopper. But maybe picking SSH has more issues than that? That's why I suggested "MUST implement SSH; SHOULD implement TCP-AO; MUST prefer TCP-AO if both available" S. > > randy _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
