Hi, when looking over draft-ietf-dnsop-rfc2845bis I was hoping that it would relax the mandatory requirement for HMAC-MD5, but no such luck.
Given that most protocols have either made MD5 optional or banned it outright, some modern crypto libraries have decided to drop it from their supported algorithms. It seems to me that forcing new code to include dependencies for MD5 is unnecessary. As such, I would like to propose to move HMAC-MD5 to optional and only retain SHA-1 and SHA-256 as mandatory. Kind regards, Martin _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
