[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Keyed-MD5, and HTTP-NG
Ooops...
Just gone off and read the papers again. The Keyed MD5 proposal currently described
in one of the drafts is indeed one of those that was suggested in the cryptobytes
article. I remember reading another calling itself "Keyed MD5" at the time of the
rumpus Perry refered to.
The response that had been communicated back was that the IP sec work was going to
standard anyway despite the objections. The suggestion which had started people off
was that of MAC_a(x) = MD5(a.x.a). Nobody ever mentioned that IP sec had changed the
construction (which is a good thing).
The point still stands however that there will have to be more than one algorithm
supported and that HTTP-NG cannot assume that a particular algorithm or construction
will be used. Keyed-MD5 is still an MD5 variant, there are good reasons to think that
a keyed digest could be constructed which would be faster than a hash function.
Phill