One more perspective to throw into the mix... I found this DISCUSS experience frustrating for two reasons:
1) My own interpretation of the way our options were presented was: "You can either (a) change to HMAC, or (b) stick with your way but explain why it's appropriate (and, quite honestly, we're going to set the bar on (b) very, very high, so you may as well just do HMAC)." 2) Related to the above, I thought we /had/ done an appropriate job of explaining why H was enough for our purposes in this application, especially after the Gen-ART review, but the IESG position didn't change; Stephen didn't answer me more than once, and any other IESG reply I got showed that our point wasn't being heard. I never understood why; maybe I wasn't making it well, or maybe my facts are wrong. Either way, at times it felt like there wasn't an "enough" that could be reached, which is obviously exasperating. Eventually Barry said something on the list that led me to the proposed compromise, which brings us to text that the DISCUSS holder has accepted and I'll be posting soon. I'm comfortable with it inasmuch as we can get this overwith and it doesn't make existing implementations obsolete, but I think the lack of specific implementation guidance might weaken it somewhat. But I'm not interested in reopening that now. In terms of what I've learned from this experience, I'm willing to admit that a better vetting of the algorithm earlier on would've helped our cause; either we would've switched to something more defensible or been able to present a decent defense from a technology standpoint (e.g., "we know about these attacks, you should too, but really we're fine with it and here's why"). Lesson learned for next time. -MSK _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
