1995-11-01 - Re: Keyed-MD5, ITAR, and HTTP-NG

Header Data

From: “Perry E. Metzger” <perry@piermont.com>
To: hallam@w3.org
Message Hash: 46b5fcadbfe1b226e855cc43498e583f34b13868ca179c75df921bedaefb916e
Message ID: <199511011359.IAA01892@jekyll.piermont.com>
Reply To: <9510312015.AA00768@zorch.w3.org>
UTC Datetime: 1995-11-01 14:25:17 UTC
Raw Date: Wed, 1 Nov 1995 22:25:17 +0800

Raw message

From: "Perry E. Metzger" <perry@piermont.com>
Date: Wed, 1 Nov 1995 22:25:17 +0800
To: hallam@w3.org
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <9510312015.AA00768@zorch.w3.org>
Message-ID: <199511011359.IAA01892@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



hallam@w3.org writes:
> 
> >A keyed version of MD5 is the base authentication mechanism in IPSP
> >and it has been heavily examined by a number of very good
> >cryptographers.
> 
> Yes we reviewed it and said that it sucked.
> 
> Phil wrote a note to Ron and Ron sent in a series of comments.

Phil was complaining largely because in spite of his apparent
cryptography credentials he's a lughead who can't have been bothered
to understand the architecture -- most of his comments reflected a
general ignorance of the process and of the discussions that had
preceded. He also complained that the transforms weren't sufficiently
generic for his tastes. However, no complaints AT ALL were made about
Hugo's selection of cryptographic transform. We were assured by
everyone that it was the right thing to do, with people swearing up
and down that it was the appropriate idea. Do you want me to extract
the mailing list archives? Every last posting on this topic is on
line.

> The sequence of events I heard was that they asked Burt Kaliski for
> a suggestion, he gave them one and they chose something different.

Actually, Kaliski made an off-the-cuff suggestion that all the other
crypto folks ripped apart, largely because it was obvious even to me
how it could be attacked, and then he backed off.

Perry




