From: John Lull <lull@acm.org>
Date: Wed, 1 Nov 1995 07:13:35 +0800
To: hallam@w3.org
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <9510311855.AA00379@zorch.w3.org>
Message-ID: <199510312230.OAA15622@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 31 Oct 1995 13:55:34 -0500, you wrote:


> MD5 is pretty well entrenched in IETF circles

Agreed, but that doesn't make it appropriate here.

> and since RSAREF only
> provides Md2, MD4 and MD5 there has to be an option to use at least 
> one of them.

Why?  Is there some REAL requirement that HTTP-NG be implementable
using only RSAREF for crypto?

> MD5 is the best of that set IMHO.

No argument -- but it's still too short for most hash applications.
I'd much rather see hashes that everyone agrees are more than long
enough for the forseeable future  -- and I don't think you'll find
that consensus for MD5.

Of course, whether a particular hash is as secure as it can be for a
given length is a separate question.

  <references snipped>

Thanks for the pointers.