Re: Clarifying the qualities we desire the DIGEST-MD5 replacement to have

I think the proposed charter text concerning DIGEST-MD5 to
historic/replacement should be replaced with something like:

The group has determined that DIGEST-MD5 (RFC2831) is not suitable for
progression on the Standards Track due to interoperability,
internationalization, and security concerns. The group will deliver a
technical specification for a suitable password-based
challenge/response replacement mechanism for Standards Track
consideration. The replacement mechanism is expected to be "better
than" DIGEST-MD5 from a number of perspectives including
interoperability, internationalization, and security. The WG is
expected to strike a consensus-supported balance between the many
qualities desired in the replacement. Desired qualities include (but
are not limited to):
- Use of well understood and broadly-implemented algorithms (e.g., HMAC, SHA1),
- Algorithm agility,
- Negotiated key hardening iteration count,
- Downgrade attack protection,
- Mutual authentication,
- Internationalized,
- Channel Binding,
- Minimal Roundtrips.

The group intends to consider a number of approaches, including
draft-newman-auth-scam and draft-josefsson-password-auth, as input.
Additionally, the WG will deliver a document summarizing its
DIGEST-MD5 concerns and requesting RFC 2831 be moved to Historic
status. The WG intends to use draft-melnikov-digest-to-historic for a
starting point for this document.

For those wanting to know more about the WG direction here, I would
guess they first read Alexey's draft, then read Chris's draft and the
WG list discussion regarding desired qualities in the replacement.

Anyways, comments on this suggested text? Any suggested
additions/deletions to the list of desired qualities?
(For suggested additions, please offer text for the WG to consider.)
-- Kurt