| < draft-turner-md5-seccon-update-04.txt | draft-turner-md5-seccon-update-05.txt > | |||
|---|---|---|---|---|
| Network Working Group S. Turner | Network Working Group S. Turner | |||
| Internet Draft IECA | Internet Draft IECA | |||
| Updates: 1321, 2104 (once approved) L. Chen | Updates: 1321, 2104 (once approved) L. Chen | |||
| Intended Status: Informational NIST | Intended Status: Informational NIST | |||
| Expires: April 12, 2011 October 12, 2010 | Expires: April 20, 2011 October 20, 2010 | |||
| Updated Security Considerations for the | Updated Security Considerations for the | |||
| MD5 Message-Digest and the HMAC-MD5 Algorithms | MD5 Message-Digest and the HMAC-MD5 Algorithms | |||
| draft-turner-md5-seccon-update-04.txt | draft-turner-md5-seccon-update-05.txt | |||
| Abstract | Abstract | |||
| This document updates the security considerations for the MD5 message | This document updates the security considerations for the MD5 message | |||
| digest algorithm. It also updates the security considerations for | digest algorithm. It also updates the security considerations for | |||
| HMAC-MD5. | HMAC-MD5. | |||
| Status of this Memo | Status of this Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| skipping to change at page 1, line 41 ¶ | skipping to change at page 1, line 41 ¶ | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||
| http://www.ietf.org/ietf/1id-abstracts.txt. | http://www.ietf.org/ietf/1id-abstracts.txt. | |||
| The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||
| http://www.ietf.org/shadow.html. | http://www.ietf.org/shadow.html. | |||
| This Internet-Draft will expire on April 12, 2011. | This Internet-Draft will expire on April 20, 2011. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2010 IETF Trust and the persons identified as the | Copyright (c) 2010 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 4, line 28 ¶ | skipping to change at page 4, line 28 ¶ | |||
| Therefore, it may not be urgent to remove HMAC-MD5 from the existing | Therefore, it may not be urgent to remove HMAC-MD5 from the existing | |||
| protocols. However, since MD5 must not be used for digital | protocols. However, since MD5 must not be used for digital | |||
| signatures, for a new protocol design, a ciphersuite with HMAC-MD5 | signatures, for a new protocol design, a ciphersuite with HMAC-MD5 | |||
| should not be included. Options include HMAC-SHA256 [HMAC][HMAC- | should not be included. Options include HMAC-SHA256 [HMAC][HMAC- | |||
| SHA256] and [AES-CMAC] when AES is more readily available than a hash | SHA256] and [AES-CMAC] when AES is more readily available than a hash | |||
| function. | function. | |||
| 3. IANA Considerations | 3. IANA Considerations | |||
| None. | IANA is requested to update the md5 usage entry in the Hash Function | |||
| Textual Names registry by replacing "COMMON" with "DEPRECATED". | ||||
| 4. Acknowledgements | 4. Acknowledgements | |||
| Obviously, we have to thank all the cryptographers who produced the | Obviously, we have to thank all the cryptographers who produced the | |||
| results we refer to in this document. We'd also like to thank Alfred | results we refer to in this document. We'd also like to thank Alfred | |||
| Hoenes, Martin Rex, and Benne de Weger for their comments. | Hoenes, Martin Rex, and Benne de Weger for their comments. | |||
| 5. Normative References | 5. Normative References | |||
| [AES-CMAC] Song, J., Poovendran, R., Lee., J., and T. Iwata, | [AES-CMAC] Song, J., Poovendran, R., Lee., J., and T. Iwata, | |||
| End of changes. 4 change blocks. | ||||
| 4 lines changed or deleted | 5 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||