--On 4-4-2005 8:27 -0700 Jon Callas <jon(_at_)callas(_dot_)org> wrote:
When the Mister-Zuccherato attack came out at the beginning of the year,
one of the suggestions that we had was to re-do the encrypted data packet
and MDC. It seems that there's not really a lot of consensus to fix it,
that merely working around the problem seems to be adequate? Am I right
in that perception? Do we want to upgrade it?
I still think it's a good idea, myself, particularly since if you want
wide deployment of such a thing for the future getting on it now is a
good idea. But I would also like to really close out 2440bis, too.
(However, the two are not mutually exclusive. We could close out 2440bis
and put the upgrades into a followon RFC.)
I agree it is a good idea, but not for 2440bis. As there is a workaround, I
would say: add a note about the attack and the workaround to 2440bis and
get it finished.
Redoing the encrypted data packet can then be implemented together with v5
keys and any other hash related changes. This also solves the problem of
deciding which implementations support such a new encrypted data packet:
just use the new packet for v5 keys, and the old ones for v4 and below.
--
Edwin