[110364] in North American Network Operators' Group
Re: Security team successfully cracks SSL using 200 PS3's and MD5
daemon@ATHENA.MIT.EDU (Marshall Eubanks)
Sun Jan 4 09:37:32 2009
From: Marshall Eubanks <tme@multicasttech.com>
To: Hank Nussbacher <hank@efes.iucc.ac.il>
In-Reply-To: <5.1.0.14.2.20090104091544.05741e78@efes.iucc.ac.il>
Date: Sun, 4 Jan 2009 09:37:20 -0500
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
There is a discussion of this going on in CFRG.
https://www.irtf.org/mailman/listinfo/cfrg
Regards
Marshall
On Jan 4, 2009, at 2:22 AM, Hank Nussbacher wrote:
> At 06:44 PM 03-01-09 +0100, Mikael Abrahamsson wrote:
>> On Sat, 3 Jan 2009, Hank Nussbacher wrote:
>>
>>> You mean like for BGP neighbors? Wanna suggest an alternative? :-)
>>
>> Well, most likely MD5 is better than the alterantive today which is
>> to run no authentication/encryption at all.
>>
>> But we should push whoever is developing these standards to go for
>> SHA-1 or equivalent instead of MD5 in the longer term.
>
> Who is working on this? I don't find anything here:
> http://www.ietf.org/html.charters/idr-charter.html
>
> All I can find is:
> http://www.ietf.org/rfc/rfc2385.txt
> http://www.ietf.org/rfc/rfc3562.txt
> http://www.ietf.org/rfc/rfc4278.txt
>
> Nothing on replacing MD5 for BGP.
>
> -Hank
>
>
