In your previous mail you wrote:
I think a published update to MD5 security considerations should
clearly say what it's still fine to do with MD5, in addition to
what it's not safe to do. This would mean adding a couple
sentences, and that's about all it would really take to be clear on
the issue:
"Since RFC 1321 was published, MD5 found popular use in checksuming
large file transfers. This use of MD5 is still reasonable, as the
level of collision resistance is of less importance in this
application and MD5 may be significantly more efficient than
cryptographically stronger algorithms. Communications, networking,
and storage systems prone to errors (e.g. due to faulty hardware,
drivers, bit-errors, faulty NAT/ALG algorithms, etc) do not
implement the known MD5 collision-finding algorithms, and MD5
remains highly effective at detecting such errors."
=> you are trying to amplify the practical issue so I can't see
how it solves it (:-)...
Regards
Francis(_dot_)Dupont(_at_)fdupont(_dot_)fr
PS: BTW IMHO a dedicated function should be better than MD5 for this use,
of course to reuse MD5 is easier (and I did it too :-).
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf