Sam Hartman
<hartmans-ietf(_at_)mmit(_dot_)edu(_dot_)cnri(_dot_)reston(_dot_)va(_dot_)us>
writes:
Hi, folks. The IESG has received a last call comment recommending
that the new rc4 cipher for ssh be published as informational rather
than as a proposed standard because of weaknesses in rc4. It would be
inappropriate to make a decision based on one comment so I am
soliciting comments on this point.

The argument in favor of publishing this document at proposed is that
the existing arcfour cipher is part of a standard and that many other
IETF protocols use rc4 in standards track documents.

A similar argument could be made for MD5. I don't think it is a
strong argument.

If there is a known public weakness today, publishing it as a standard
seems like a poor idea to me.

FWIW, my general comment is that the IETF should not promote RC4.
Technically better alternatives exist; and the cryptographic/IPR
history of RC4 doesn't improve the case for it. I have similar
thoughts on the use of RC4 in SASL DIGEST-MD5.

Cheers,
Simon