Date: Thu, 15 Mar 2001 15:03:16 -0500 (EST) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: jonathan@graehl.org Cc: arch@freebsd.org Subject: Re: ftpd SITE MD5 and "really bad links" Message-ID: <200103152003.PAA48601@khavrinen.lcs.mit.edu> In-Reply-To: <NCBBLOALCKKINBNNEDDLIEIPDMAA.jonathan@graehl.org> References: <200103151919.MAA18623@usr05.primenet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <NCBBLOALCKKINBNNEDDLIEIPDMAA.jonathan@graehl.org> you write: >MD5 is also held to have some cryptographic weaknesses (compared to, >say, SHA-1 or Tiger); is the feeling that it is more than sufficient >against any conceivable systematic/accidental source of error not >specifically designed to exploit what weaknesses MD5 has? If such a command were being officially standardized, it would probably be called "DIGEST <type-of-digest> <file> [offset [length]]" to allow for other types of message-digest algorithms, with a command to show the available digest types. (Apparently many European concerns will object to any message digest-using protocol that doesn't allow for RIPEMD160, regardless of whether it's actually security-sensitive.) I'd be happy to write this up as an RFC and take it through the process, if someone wants to implement it. (Obviously, the initial implementation should be "SITE DIGEST" and then we can change it if the unqualified version makes it through the Internet Standards Process.) -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103152003.PAA48601>