1995-11-01 - Re: Keyed-MD5, and HTTP-NG

Header Data

From: hallam@w3.org
To: perry@piermont.com
Message Hash: 7f583b6fdc5fc88139f3b1d75ee1271fb161e382d4698662eccf5bbe6f95997a
Message ID: <9511010201.AA01860@zorch.w3.org>
Reply To: <199511010004.TAA14640@jekyll.piermont.com>
UTC Datetime: 1995-11-01 02:17:46 UTC
Raw Date: Wed, 1 Nov 1995 10:17:46 +0800

Raw message

From: hallam@w3.org
Date: Wed, 1 Nov 1995 10:17:46 +0800
To: perry@piermont.com
Subject: Re: Keyed-MD5, and HTTP-NG
In-Reply-To: <199511010004.TAA14640@jekyll.piermont.com>
Message-ID: <9511010201.AA01860@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



Ooops...

Just gone off and read the papers again. The Keyed MD5 proposal currently described 
in one of the drafts is indeed one of those that was suggested in the cryptobytes 
article. I remember reading another calling itself "Keyed MD5" at the time of the 
rumpus Perry refered to.

The response that had been communicated back was that the IP sec work was going to 
standard anyway despite the objections. The suggestion which had started people off 
was that of MAC_a(x) = MD5(a.x.a). Nobody ever mentioned that IP sec had changed the 
construction (which is a good thing).

The point still stands however that there will have to be more than one algorithm 
supported and that HTTP-NG cannot assume that a particular algorithm or construction 
will be used. Keyed-MD5 is still an MD5 variant, there are good reasons to think that 
a keyed digest could be constructed which would be faster than a hash function.  

	Phill





Thread