The IESG has approved the Internet-Draft 'Security Requirements for Keys
used with the TCP MD5 Signature Option' <draft-ietf-idr-md5-keys-00.txt>
as an Informational RFC. This document is the product of the Inter-Domain
Routing Working Group. The IESG contact persons are Bill Fenner and Alex
Zinin.

RFC Editor Note:

Please change the title to "Key Management Considerations for the TCP MD5
Signature Option".

Please change the following:

In section 3, the first bullet:

OLD:
   o  Key lengths SHOULD be between 12 and 24 bytes, with larger keys
      having effectively zero cost when compared to shorter keys.

NEW:
   o  Key lengths SHOULD be between 12 and 24 bytes, with larger keys
      having effectively zero additional computational cost when
                              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      compared to shorter keys.

In section 5, first paragraph:

OLD:
   this option may have lifetimes on the order of months. It would seem
   prudent, then, to choose a *minimum* key length that guarantees that
   key-guessing runtimes are some reasonable [3-5??] multiple of the
   key-change interval under best-case (for the attacker) practical

NEW:
   this option may have lifetimes on the order of months. It would seem
   prudent, then, to choose a minimum key length that guarantees that
                              ^^^^^^^ (remove emphasis)
   key-guessing runtimes are some small multiple of the key-change
                                  ^^^^^^^^^^^^^^
   interval under best-case (for the attacker) practical

In section 6, first paragraph:

OLD:
   that the reasonable upper-bound for software-based attack performance
   is 1.0e13 MD5 operations per second, then the *minimum* required key
   entropy is approximately 68 bits. It is reasonable to round this

NEW:
   that the reasonable upper-bound for software-based attack performance
   is 1.0e13 MD5 operations per second, then the minimum required key
                                                 ^^^^^^^ (remove emphasis)
   entropy is approximately 68 bits. It is reasonable to round this