On 13-Feb-06, at 11:24 AM, Dick Hardt wrote:
On 13-Feb-06, at 11:19 AM, Eric Rescorla wrote:
Dick Hardt <[EMAIL PROTECTED]> writes:
On 13-Feb-06, at 11:09 AM, Eric Rescorla wrote:
The technical term for a "signature" which can only be verified by
the holder of a symmetric secret is Message Authentication Code (MAC)
and there's a standard technique for performing MACs: HMAC (RFC 2104).
Our current implementation uses HMAC. Since the Homesite can use
whatever it wants, we left it out of the spec.
Well, that's fine, but you shouldn't be recommending a technique
which is known to be inferior to HMAC.
I agree. Did not know we were recommending a different technique.
Where is that mentioned?
Section 5.10.2.3.
Ok. I agree. We should recommend HMAC directly.
I've changed that paragraph in dmd1 to state HMAC and reference the RFC.
"A suggested implementation of a signature function would be to use
the HMAC mechanism with the SHA1 cryptographic hash function, which
takes as input a digest of the message and a secret known only to the
Homesite. [RFC2104]"
John
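
The suggested signature function quoted above, as an added example that is not part of the original thread or of any DIX implementation: HMAC-SHA1 is built from the RFC 2104 definition so it can be checked against Python's standard `hmac` module, then applied to a digest of the message. The names `homesite_sign` and `homesite_verify`, the secret and the sample message are assumptions made for illustration.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # B in RFC 2104: the block size of SHA-1, in bytes


def hmac_sha1_rfc2104(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA1 written out from the RFC 2104 definition:
    H((K xor opad) || H((K xor ipad) || data))."""
    if len(key) > BLOCK_SIZE:            # over-long keys are hashed first
        key = hashlib.sha1(key).digest()
    key = key.ljust(BLOCK_SIZE, b"\x00")  # then zero-padded to one block
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha1(ipad + data).digest()
    return hashlib.sha1(opad + inner).digest()


def homesite_sign(secret: bytes, message: bytes) -> str:
    """Hypothetical helper: MAC over a digest of the message, keyed with
    a secret known only to the Homesite (as in the quoted paragraph)."""
    digest = hashlib.sha1(message).digest()
    return hmac.new(secret, digest, hashlib.sha1).hexdigest()


def homesite_verify(secret: bytes, message: bytes, tag: str) -> bool:
    """Hypothetical helper: recompute the MAC and compare in constant
    time so the check does not leak how many leading bytes matched."""
    expected = homesite_sign(secret, message)
    return hmac.compare_digest(expected.encode(), tag.encode())


if __name__ == "__main__":
    secret = b"constructed-homesite-secret"        # constructed sample key
    message = b"user=alice&homesite=example.org"   # constructed sample message
    tag = homesite_sign(secret, message)
    print("tag:", tag)
    print("valid message verifies:", homesite_verify(secret, message, tag))
    print("altered message verifies:",
          homesite_verify(secret, message + b"&admin=1", tag))
    print("wrong secret verifies:",
          homesite_verify(b"other-secret", message, tag))
```

Because only the holder of the secret can recompute the tag, verification has to happen at the Homesite itself, which is the property that makes this a MAC.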