spf-discuss

Re: Updates on SRS crypto

2004-02-18 15:30:05
On Wed, Feb 11, 2004 at 05:43:37PM +0000, Shevek wrote:
Various comments from various people (please excuse the lost
attributions):

I can see not using MD5 as a secure hash, but for generating a token?
I don't see a problem with acceptance

The problem with acceptance in government circles is a legal one. They are 
required not to use MD5. There is no practical weakness in MD5. The reason 
for dropping it as the default cryptosystem is purely political.

From Schneier's "Practical Cryptography", page 88:

     Our advice: don't use MD5.

From Viega-Messier "Secure Programming Cookbook", page 255:

     Most cryptographers recommend against using it (MD5) in any new
     applications.

Both books argue to use the hash function _twice_.

This appears to be the only remaining outstanding question with SRS. 

Sounds like you are kidding.  Just because a string (address) can be
manipulated in various ways on your local system does not mean that
the transformed strings do the job they need to do---or that the
transformations are easy to perform in the real world.

Note that VERP (http://cr.yp.to/proto/verp.txt) was invented because
the implementation of DSN would have required it to be implemented on
every system.  The implementation of SRS would require significantly
changing all existing MTAs.  The most significant problem is
_not_ whether a given string can be transformed on a given computer.

If SRS was so simple to implement, there would already be a clear spec
about it somewhere.

Mate

-- 
---
Mate Wierdl | Dept. of Math. Sciences | University of Memphis  
Please avoid sending me Word or PowerPoint attachments.
See http://www.fsf.org/philosophy/no-word-attachments.html

