W3C home > Mailing lists > Public > ietf-tls@w3.org > April to June 1996

RE: [Fwd: HMAC-MD5: to be or not to be?]

From: <LANGFORD_SUSAN@tandem.com>
Date: 8 May 96 17:21:00 +1700
Message-Id: <199605081722.AA7481@post.tandem.com \POS ,$ZNET 5>
To: maracchini_dave@tandem.com, ietf-tls@w3.org
> From: Dan Simon <dansimon@microsoft.com>
>
> (I'll make another pitch
> here for not explicitly specifying the hash function or functions used
> in the "handshake hash"; if this news about MD5 had come out a year
> later, then the body of the spec itself would have had to be revised,
> instead of just the list of valid hash functions).

Absolutely.  Explicitly specifying the handshake hash functions in SSL
is a weakness of the protocol, not a feature.

Regarding the meeting in the Bay Area at the end of the month, someone
from Atalla will certainly be there.  (Probably myself and Dave
Maracchini.)

Susan Langford
Sr. Cryptographic Analyst, Atalla
langford_susan@tandem.com
Received on Wednesday, 8 May 1996 20:23:11 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:34:48 EDT