[1151] in Kerberos_V5_Development
Re: des-3 & SHA
daemon@ATHENA.MIT.EDU (Sam Hartman)
Fri May 10 10:51:33 1996
To: "Richard Basch" <basch@lehman.com>
Cc: krbdev@MIT.EDU
From: Sam Hartman <hartmans@MIT.EDU>
Date: 10 May 1996 10:47:07 -0400
In-Reply-To: "Richard Basch"'s message of Fri, 10 May 1996 02:59:07 -0400
>>>>> ""Richard" == "Richard Basch" <basch@lehman.com> writes:
"Richard> I have replaced DES3-MD5 with DES3-SHA in my own tree
"Richard> and will check it in shortly, after a few tests...
Adding SHA in addition to md5 sounds reasonable. Dropping md5
would be somewhat premature at this point.
Also, I am concerned that we never come to resolution on
issues of cryptographic technique before code is committed. Most
recently, you checked in your PRNG proposal without really coming to
finalization on the discussion happening on krbdev.
It's certainly reasonable for you to make changes within your
own tree as security requirements from your employer change in
response to changing conditions. It would probably be reasonable to
check in preliminary changes on a branch here. I am not coninced
that we should be changing code that impacts the system
cryptographically without understanding the issues involved.
This is just my opinion. Also, I am not aware of side
discussions and private email; things may be verified more than I
know.
"Richard> Richard Basch Sr. Developer/Analyst URL:
"Richard> http://web.mit.edu/basch/www/home.html Lehman Brothers,
"Richard> Inc. Email: basch@lehman.com, basch@mit.edu 101 Hudson
"Richard> St., 33rd Floor Fax: +1-201-524-5828 Jersey City, NJ
"Richard> 07302-3988 Voice: +1-201-524-5049
