I think it's hard to say that an algorithm is not to be used at all for any
Can MD5 be moved to Historic? I do not think so even if it has since some time
to be avoided for digital signatures but is still useful for other purposes.
The solution should be a document, regularly updated and specific for
electronic signature that list the algorithms, their correct identification
(e.g. for asn.1 and xml) and their suitability for typical usages.
Il giorno 17/giu/2010, alle ore 19.18, SM ha scritto:
At 06:31 10-06-10, Simon Josefsson wrote:
1) MD2 is not on the standards track, it is Informational. I agree with
wishes to move "poor" documents from the Standards Track to Historic,
but I'm not sure I see such a big difference between having a "poor"
document as Informational or Historic. Especially for a crypto
algorithm, which the IETF typically does not put on the standards
track at all. Is there some precedent for moving Informational to
There's RFC 4223, for example, that reclassifies a non-Standards Track
document to Historic. This is more about saying that MD2 should not be used
and "Historic" is generally the way to say that.
pkix mailing list
smime mailing list