Will any implementations be impacted? If not, we should ask the Security ADs for their best suggestion. Russ On 9/8/2010 7:24 PM, Roland Bless wrote: >> -- section 4.1.1, 2nd paragraph: >> > >> > Is HMAC-MD5 still a reasonable choice for a single mandatory-to-implement algorithm these days? > Good question. I thought that HMACs are not so strongly > affected by the discovered hash algorithm weaknesses w.r.t. collision > attacks. I could change this to HMAC-SHA-256 though. Any > other suggestions? > _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf