> What do you think? For these purposes, MD5 is fine; the main reason to prefer it, from my perspective, is that many other protocols in the embedded management systems of small network devices will have to have MD5 in their libraries so no additional crypto code is necessary. I don't think the same is true of SHA-1. Alex Brown <[EMAIL PROTECTED], [EMAIL PROTECTED]> +1 508 323 2283, +1 617 504 8761 antirez <[EMAIL PROTECTED]> on 11/02/99 04:57:53 PM Please respond to [EMAIL PROTECTED] Sent by: antirez <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] cc: (Alex Brown/US/3Com) Subject: Re: [syslog-sec] embedding hashes in messages On Wed, Nov 03, 1999 at 07:31:26AM +1100, Darren Reed wrote: > Make sure the hash function is mentioned in the message somewhere! > i.e. <md5:abc719d0efb184c> Seems a good idea, about md5: after a "light" analisys seems that md5 possible weakness (compression function problem [see birthday attack] and length) aren't a problem with syslog messages. What do you think? (I want not start an md5 against sha1 thread ;) Also an issue against UDP: It's impossible to handle fragmentation problems with UDP since it's impossible to use path mtu discovery. antirez
Re: [syslog-sec] embedding hashes in messages
by way of "Chris M. Lonvick" <[EMAIL PROTECTED]> Mon, 10 Apr 2000 10:41:28 -0700
