[BXXPwg] SUMMARY: Why to use DIGEST-MD5 in syslog-reliable
Marshall T. Rose
Sat, 16 Dec 2000 07:45:44 -0800
err, could we please remove the BEEP mailing list from future traffic on
BEEP doesn't care which SASL mechanism you use, it makes them all available;
obviously SYSLOG does care, so it can be discussed on that mailing list.
ps: helpful hint -- do not reply to this message.
----- Original Message -----
From: "Rich Salz" <firstname.lastname@example.org>
To: "Alexey Melnikov" <email@example.com>
Cc: "Syslog Mailing List" <firstname.lastname@example.org>; "BEEP Mailing List"
Sent: Saturday, December 16, 2000 06:42
Subject: Re: [BXXPwg] SUMMARY: Why to use DIGEST-MD5 in syslog-reliable
> > I'll try to summarize why DIGEST-MD5 was chosen as mandatory to
> > implement by several protocols.
> This may be completely out of context; if so, I apologize.
> There are security issues with MD5, such that the IETF security WG wants
> SHA-1, and MD-5 deprecated. Unless there is a substantial installed base,
> would probably be better to write a quick RFC that says "use XXX but
> MD5 with SHA-1" and use that as the mandatory mechanism.
> BXXPwg mailing list