Re: Crypto agility in SCRAM + draft-josefsson-password-auth?
"Frank Ellermann" <nobody@xxxxxxxxxxxxxxxxx> writes:
>> SHA-1 is not covered by the SHA-2 patent as far as
>> I have understood.
>
> The patent is not the issue, the certification is.
> Please correct me if I got this wrong, but I think
> the plan is to find a new "good" hash until 2012,
> and to phase out SHA-1 until 2010. For some value
> of "good" not yet published in an Internet draft.
I'm not sure I follow this logic -- MD5 is in an even worse state than
SHA-1 is in this regard. It is not certified at all, right? Haven't
people been trying to phase out MD5 since Dobbertin's attack in 1996?

I think our choice should be between HMAC-SHA-1 and HMAC-SHA-256. I
don't think there are strong technical reasons to choose one over the
other at this point. I used HMAC-SHA-256 for password-auth.
/Simon