[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [OPSEC] Further MD5 breaks

To: Vishwas Manral <vishwas.ietf at gmail.com>
Subject: Re: [OPSEC] Further MD5 breaks
From: Joel Jaeggli <joelja at bogus.com>
Date: Tue, 30 Dec 2008 21:45:57 -0800
Cc: opsec wg mailing list <opsec at ietf.org>
Delivered-to: ietfarch-opsec-web-archive at core3.amsl.com
Delivered-to: opsec at core3.amsl.com
In-reply-to: <77ead0ec0812301732l120c30c6n6b63e274771274ac at mail.gmail.com>
List-archive: <http://www.ietf.org/pipermail/opsec>
List-help: <mailto:opsec-request@ietf.org?subject=help>
List-id: opsec wg mailing list <opsec.ietf.org>
List-post: <mailto:opsec@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
References: <77ead0ec0812301732l120c30c6n6b63e274771274ac at mail.gmail.com>
Sender: opsec-bounces at ietf.org
User-agent: Thunderbird 2.0.0.18 (X11/20081119)

Hehm I've been waiting for this message to arrive since early this
morning. I think the salient point, Which I made before is that if md5
is in the toolbox, someone, somewhere will use it for something
inappropriate.

Does that affect the problem at hand? Maybe, maybe not.

It is possible I believe to create a scenario where the potential for a
hash collision is either temporally or practically irrelevant.

As a community I think we've been less pro-active than we should have
been, but being deliberate is still the order of the day.

joel

Vishwas Manral wrote:
> Hi folks,
> 
> There is an interesting discussion on the saag list about "Further MD5
> breaks: Creating a rogue CA certificate".
> 
> http://www.ietf.org/mail-archive/web/saag/current/msg02368.html .
> There are some mails about the relative strengths of SHA related to
> MD5 in that environment.
> 
> Thanks,
> Vishwas
> _______________________________________________
> OPSEC mailing list
> OPSEC at ietf.org
> https://www.ietf.org/mailman/listinfo/opsec
> 

_______________________________________________
OPSEC mailing list
OPSEC at ietf.org
https://www.ietf.org/mailman/listinfo/opsec

References:
- [OPSEC] Further MD5 breaks
  - From: Vishwas Manral

Prev by Date: [OPSEC] Further MD5 breaks
Next by Date: [OPSEC] Request for opions on accepting draft-gont-opsec-ip-security-01 as a working group document
Previous by thread: [OPSEC] Further MD5 breaks
Next by thread: [OPSEC] Request for opions on accepting draft-gont-opsec-ip-security-01 as a working group document
Index(es):
- Date
- Thread