Hi Tom,
On Thu, Jul 29, 2021 at 05:10:00PM +0100, tom petch wrote:
> Reading this I-D, I wondered what the secdir view is of recommending the
> use of MD5 to secure the session as this I-D does for BGP. (Such a use
> in NTP did generate a comment).
This part:
'authentication': The module adheres to the recommendations in
Section 13.2 of [RFC4364] as it allows enabling TCP-AO
[RFC5925] and accommodates the installed base that makes use of
MD5. In addition, the module includes a provision for the use
seems to be about as good as we can do given the current state of
deployment and implementation.
I will probably suggest adding some additional discussion of the weakness
of MD5 to the security considerations in my ballot comments, if no such
text appears before then.
Thanks,
Ben
--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
