[Last-Call] Secdir last call review of draft-ietf-tls-md5-sha1-deprecate-04

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Reviewer: Rich Salz
Review result: Has Nits

I'm the assigned security directorate reviewer for this draft. This is intended
for use by the Sec ADs, but anyone else who gleans wisdom from this message is
free to use it as they see fit.

The document is READY.  There are some nits, which can be found at
https://www6.ietf.org/tools/idnits?url=https://www.ietf.org/archive/id/draft-ietf-tls-md5-sha1-deprecate-04.txt
or by clicking on the "nits" tab on the datatracker page.

Don't use MD5 or SHA1 as digests.  If you do, bad people in shadows wearing
hoodies will be able to steal your information, impersonate or break your TLS
or other connections, and so on. This document gives more rationale and updates
some RFC's.

This NITS should be fixed, but this should be published.



-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call



[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux