ietf-smime

Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt]

2010-07-06 11:40:52
To summarize the comments I received on this I-D:

1) Finally!

2) Is there any precedent for moving informational to historic?

Russ suggested I ask Scott Bradner what he thought about this.  His
response (repeated here with permission):

"1/ my personal view is that historic should be only used for
 cases where we want to say 'do not use'

 2/ seems like a reasonable thing to do in this case

 fwiw, I have always felt that it is important to document
 any such move that is done for a real reason (not just because
 people think it is not used) with a RFC"

I'd consider this support for moving informational RFCs to historic.

3) Why target MD2?

This was really a trial balloon.  I'm planning on doing something with
MD4 and MD5 too ;)

4) It's better to have a security algorithms roadmap.

I tend to agree, but I thought I was shooting for the low hanging fruit.

5) Remove keywords and delete obsolete references.

Anything to track fewer references is a good thing!

6) Do an updates document instead, because there might still be other
uses for MD2/MD4/MD5 that don't require collision resistance (e.g., HMAC).

I'd like to treat MD2/MD4/MD5 the same, but some HMAC uses are
probably still okay for a little while (at least that's what I'm
turning up through research). But, I can't really see us saying that
HMAC-MD2 and HMAC-MD4 are okay to keep using in the mid/long term.  I
think we ought to be saying "jump off the sinking ship now" because it
takes a while for crypto to go away just like it does to get fielded.
 Luckily, there are only a few places where HMAC-MD2 or HMAC-MD4 are
specified.  MD5/HMAC-MD5 is another story.  I like the idea of just
updating MD5's security considerations to say don't use MD5 if you
need collision resistance and that it is (or is probably) okay for HMAC.

I updated the md2-to-historic I-D
(http://datatracker.ietf.org/doc/draft-turner-md2-to-historic/) to
actually talk about attacks against MD2 and submitted a similar draft
for MD4 (http://datatracker.ietf.org/doc/draft-turner-md4-to-historic/).
 I also submitted one that updates the MD5 security considerations
(http://datatracker.ietf.org/doc/draft-turner-md5-seccon-update/).
Comments on all are welcome.

spt

Sean Turner wrote:
(apologies if you get this multiple times)

I'm looking for feedback on this draft that proposes moving MD2 to historic status.

Thanks,

spt

------------------------------------------------------------------------

Subject:
I-D ACTION:draft-turner-md2-to-historic-00.txt
From:
Internet-Drafts(_at_)ietf(_dot_)org
Date:
Wed, 9 Jun 2010 15:00:02 -0700 (PDT)
To:
i-d-announce(_at_)ietf(_dot_)org



A New Internet-Draft is available from the on-line Internet-Drafts directories.


        Title           : MD2 to Historic Status
        Author(s)       : S. Turner
        Filename        : draft-turner-md2-to-historic-00.txt
        Pages           : 6
        Date            : 2010-6-8
        
This document recommends the retirement of MD2 and discusses the reasons for doing so. This document recommends RFC 1319 be moved to Historic status.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-turner-md2-to-historic-00.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.


------------------------------------------------------------------------

_______________________________________________
I-D-Announce mailing list
I-D-Announce(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime
