On 4 Dec 2010, at 03:23, Martin Rex wrote: > Although the attacks against MD5 published so far are practical only > for creating collision pairs, there has not been published a practical > preimage attack against MD5. But the practical collision attack alone > is devastating for several integrity protection usage scenarios. I am wondering how the authors of RFC4270 wound up misusing the 'integrity protection' term to cover both intentional (attack) and unintentional modifications, whereas reliability checking covers only the latter. But, to the security mindset, everything is an attack. I've now filed two errata on RFC4270. regards, L. Lloyd Wood L.Wood@xxxxxxxxxxxx http://sat-net.com/L.Wood _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf