nanog mailing list archives
Re: MD5 considered harmful
From: Grzegorz Janoszka <Grzegorz () Janoszka pl>
Date: Fri, 27 Jan 2012 23:11:50 +0100
On 27-01-12 21:52, Patrick W. Gilmore wrote:
Who would want to reset a BGP that will come back up in 30-90 seconds when you can packet an entire router off the 'Net easier, more quickly, and for longer a period?
+1 Actually, when you have lot of MD5 BGP session coming up at the same time (a connection to internet exchanges went up), you have longer convergence time because of higher cpu load. MD5 offers no security advantages and in some cases it causes more downtime by slowing down convergence. -- Grzegorz Janoszka
Current thread:
- MD5? Brian Stengel (Jan 27)
- Re: MD5? Seth Mattinen (Jan 27)
- Re: MD5? Christopher Morrow (Jan 27)
- Re: MD5? Jon Lewis (Jan 27)
- Re: MD5? Christopher Morrow (Jan 27)
- MD5 considered harmful Patrick W. Gilmore (Jan 27)
- Re: MD5 considered harmful Christopher Morrow (Jan 27)
- Re: MD5 considered harmful Grzegorz Janoszka (Jan 27)
- Re: MD5 considered harmful Jared Mauch (Jan 27)
- Re: MD5 considered harmful Keegan Holley (Jan 27)
- Re: MD5 considered harmful Jeff Wheeler (Jan 27)
- Re: MD5 considered harmful Keegan Holley (Jan 27)
- Re: MD5? Christopher Morrow (Jan 27)
- Re: MD5 considered harmful Zaid Ali (Jan 27)
- Re: MD5 considered harmful Patrick W. Gilmore (Jan 27)
- Re: MD5? Seth Mattinen (Jan 27)
- Re: MD5 considered harmful John Kristoff (Jan 30)
- Re: MD5 considered harmful Keegan Holley (Jan 30)
- Re: MD5 considered harmful harbor235 (Jan 31)
- Re: MD5 considered harmful David Barak (Jan 31)