On Wed, Aug 02, 2006 at 05:08:39PM +0200, Louis Croisez wrote: > > I think that 96 bits for the truncated version of the hmac is not > enough with respect to RFC 2104, p5 ?1 : > "... We recommend that the output length to be not less than half the > length of the hash output ... and not less than 80 bits ..." > > I thing that the truncated length should be 128 bits in this case... > Do you agree?
(To recap our sha256 IPsec implementation truncates the output to 96 bits while the last IETF draft on sha256 and the general HMAC RFC requires 128 bits) Yes I agree with your assessment. Changing it is nasty though since we don't know how many Linux users have deployed this. Also, we should keep in mind that the IETF has given up on sha256 altogether. Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
