Dailydave mailing list archives

Re: SHA-2

From: Rodney Thayer <rodney () canola-jones com>
Date: Tue, 17 Aug 2004 08:33:17 -0700

At 09:42 AM 8/17/2004 -0400, Mordy Ovits wrote:

On Tuesday 17 August 2004 12:43 am, Rodney Thayer wrote:

For example, I think it might be tough to crank
a new ciphersuite through the IETF to fix TLS if in fact all
the SHA's and all the MD-5's are broken.  This in turn means
that Microsoft (i.e. schannel.dll) or OpenSSL will have to
invent something on their own.


One important change from SSL 3.0 to TLS (a.k.a.  SSL 3.1) was the removal of 
particular ciphers written into the spec.  While new code would have to be 
rolled out to support updated primitives, TLS would not have to change.


BUT, you'd have to get a new ciphersuite approved by that
goofy mechanism they put in place since they didn't use the
standard IANA registration mechanism.  That's the problem.

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave

Current thread:

SHA-2 dave (Aug 16)
- Re: SHA-2 Rodney Thayer (Aug 16)
  - Re: SHA-2 Mordy Ovits (Aug 17)
    - Re: SHA-2 Rodney Thayer (Aug 17)
- Re: SHA-2 Halvar Flake (Aug 17)