On Thu, 14 Mar 2019 at 11:08, Tony Finch <d...@dotat.at> wrote:
> Martin Hoffmann <mar...@opennetlabs.com> wrote:
> >
> > As such, I would like to propose to move HMAC-MD5 to optional and only
> > retain SHA-1 and SHA-256 as mandatory.
>
> That seems sensible. There should at the very least be a reference to
> RFC6151, Updated Security Considerations for the MD5 Message-Digest and
> the HMAC-MD5 Algorithms.
>
Agreed. I can't remember the last time I generated an HMAC-MD5 key... and I believe the default behaviour for most (all?) recent major distributions is something stronger (e.g. BIND now defaults to HMAC-SHA256). Any operators needing to support old key algorithms would be free to use distributions that continue to optionally support them, or generate and distribute new keys (something that should be done periodically anyway).
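As an added illustration of the "generate and distribute new keys" step above (example code, not from the thread or from BIND), this script audits a named.conf fragment for TSIG key stanzas still using hmac-md5 and emits replacement stanzas with fresh hmac-sha256 secrets. The configuration text is constructed for the example; the stanza syntax follows BIND's `key { algorithm ...; secret "..."; };` form.

```python
import re
import secrets
import base64

# Constructed sample named.conf fragment (not taken from the mail thread).
SAMPLE_CONF = """\
key "legacy-xfer" {
    algorithm hmac-md5;
    secret "dGhpcyBpcyBub3QgYSByZWFsIGtleQ==";
};
key "modern-xfer" {
    algorithm hmac-sha256;
    secret "c2VjcmV0MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkw";
};
"""

# One BIND key stanza: captures the key name, algorithm and base64 secret.
KEY_RE = re.compile(
    r'key\s+"(?P<name>[^"]+)"\s*\{\s*'
    r'algorithm\s+(?P<alg>[\w.-]+)\s*;\s*'
    r'secret\s+"(?P<secret>[^"]+)"\s*;\s*\}\s*;',
    re.IGNORECASE,
)

# The algorithm the thread proposes to make optional (both spellings BIND accepts).
WEAK_ALGORITHMS = {"hmac-md5", "hmac-md5.sig-alg.reg.int"}


def find_weak_keys(conf):
    """Names of TSIG keys whose algorithm is on the weak list."""
    return [m.group("name") for m in KEY_RE.finditer(conf)
            if m.group("alg").lower() in WEAK_ALGORITHMS]


def new_tsig_secret(nbits=256):
    """Fresh random secret, sized to the HMAC-SHA256 output, base64 as BIND expects."""
    return base64.b64encode(secrets.token_bytes(nbits // 8)).decode()


def replacement_stanza(name, secret, algorithm="hmac-sha256"):
    """Render a key stanza in BIND syntax."""
    return f'key "{name}" {{\n    algorithm {algorithm};\n    secret "{secret}";\n}};'


def rekey_weak(conf):
    """Return (new_conf, rotated_names): weak stanzas replaced, others untouched."""
    rotated = []

    def substitute(m):
        if m.group("alg").lower() in WEAK_ALGORITHMS:
            rotated.append(m.group("name"))
            return replacement_stanza(m.group("name"), new_tsig_secret())
        return m.group(0)

    return KEY_RE.sub(substitute, conf), rotated
```

The new secret still has to be distributed to every peer that shares the key before the old stanza is retired, which is the part of the rotation that no script can do for you.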
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop