Re: Comments on core-991001

From: EKR <ekr@rtfm.com>
Date: 05 Oct 1999 22:39:22 -0700
To: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>
Cc: "W3c-Ietf-Xmldsig (E-mail)" <w3c-ietf-xmldsig@w3.org>
Message-ID: <kjyadhxd2t.fsf@romeo.rtfm.com>

"Donald E. Eastlake 3rd" <dee3@torque.pothole.com> writes:
> >11.  Section 7.1 -- Please remove all references to MD5.  We should not be
> >pushing the older potentially bad hash algorithms (after all MD2 is not here
> >either).  SHA1 will cover our needs until the AES hash algorithm comes along
> 
> I'd be interested in others' input on this point.  MD5 was
> traditionally the hash algorithm used in IETF protocols until SHA1
> came along.  Are there examples of IETF protocols with SHA1 but
> without MD5?

I can't think of one off-hand, however, the newer TLS ciphersuites
are SHA-1 only.

In any case, I agree with Barbara and Jim. Dobbertin's made 
enough inroads into MD5 that I'd rather not see it endorsed.

-Ekr

-- 
[Eric Rescorla                                   ekr@rtfm.com]
          PureTLS - free SSLv3/TLS software for Java
                http://www.rtfm.com/puretls/
Received on Wednesday, 6 October 1999 01:39:36 GMT