Home page logo
/

nanog logo nanog mailing list archives

Re: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
From: Marshall Eubanks <tme () multicasttech com>
Date: Sun, 4 Jan 2009 09:37:20 -0500

There is a discussion of this going on in CFRG.

https://www.irtf.org/mailman/listinfo/cfrg

Regards
Marshall

On Jan 4, 2009, at 2:22 AM, Hank Nussbacher wrote:

At 06:44 PM 03-01-09 +0100, Mikael Abrahamsson wrote:
On Sat, 3 Jan 2009, Hank Nussbacher wrote:

You mean like for BGP neighbors?  Wanna suggest an alternative? :-)

Well, most likely MD5 is better than the alterantive today which is to run no authentication/encryption at all.

But we should push whoever is developing these standards to go for SHA-1 or equivalent instead of MD5 in the longer term.

Who is working on this?  I don't find anything here:
http://www.ietf.org/html.charters/idr-charter.html

All I can find is:
http://www.ietf.org/rfc/rfc2385.txt
http://www.ietf.org/rfc/rfc3562.txt
http://www.ietf.org/rfc/rfc4278.txt

Nothing on replacing MD5 for BGP.

-Hank





  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault