[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Progress on RADIUS Extension for Digest Authentication
Avi Lior <> wrote:
> Hi Bernard,
> Regarding Issue The need to use Message Authenticator.
> I think we all agreed that a message authenticator is needed here.
> I think the debate was whether the Message-Autheticator will
> You suggested that maybe we introduce a new attribute. But as you
> pointed out that while MD5 was found to be vunerable HMAC-MD5 was
> not. There was lots of debate on this issue.
> I don't think we would solve this issue in the near future. This
> because, judging from the emails I don't think we would get
> even if we created a new message authenticator based on HMAC-SHA1.
Doesn't this draft
t) solve your problem?
> So my suggestion is to use Message-Authenticator(80) which is
> on(HMAC-MD5). Which is not broken and proceed with the work. Not
> having anything is clearly bad.
>> -----Original Message-----
>> From: Bernard Aboba [mailto:firstname.lastname@example.org]
>> Sent: Thursday, November 18, 2004 1:16 PM
>> To: email@example.com
>> Subject: Progress on RADIUS Extension for Digest Authentication
>> The specification "RADIUS Extension for Digest Authentication"
>> completed RADEXT WG Last call. Issues filed against the
>> specification are available here:
>> The latest version of the specification is available here:
>> Further progress on this document requires that we verify that
>> changes made in the -04 document represent RADEXT WG consensus.
>> Since detailed text changes were not posted to the RADEXT WG
>> list prior to the submission of the -04 document, it is not
>> to determine whether RADEXT WG consensus exists on the changes
>> on examination of the mailing list discussion. It is therefore
>> possible to move forward on this document until this issue is
>> cleared up.
>> In order to make progress, we have made a request that Issue
>> submitters and other WG participants examine the changes in
>> -04 and send email to the WG list, stating whether the changes
>> acceptable. So far, the mail received indicates the following:
>> Issue 4: No mail received. WG consensus not verified.
>> Issue 5: No mail received, Diameter draft needs to be updated
>> determining whether the resolutions can work. WG
>> not verified. Issue 6: No mail received. WG consensus not
>> Issue 7: Mail received, indicates WG consensus *against* the
>> resolution. No consensus verified.
>> Issue 8: No mail received, security issues raised at IETF 60. No
>> consensus verified. Issue 11: No mail received. No consensus
>> Issue 12: No mail received. No censensus verified.
>> Given the lack of confirming email, we are at present unable to
>> confirm whether the changes made in -04 represent WG consensus,
>> in one case (Issue 7) it appears that the proposed resolution has
>> been rejected by the RADEXT WG.
>> In order to enable the WG to demonstrate sufficient interest, we
>> going to extend the Request for Comment on the proposed
>> until December 6, 2004. If you have submitted an Issue on the
>> document, and
>> believe it has been resolved, please send mail with "Issue X:
>> Resolved" in the subject line, where X is the Issue number of
>> If you have additional comments on the specification, or wish to
>> contest the resolution of an issue, please send email to the
>> WG mailing list (firstname.lastname@example.org) in the format described
>> the RADEXT WG mailing list:
>> to unsubscribe send a message to
>> email@example.com with the word 'unsubscribe' in a
>> single line as the message text body.
>> archive: <http://psg.com/lists/radiusext/>
Hope this helps,
Why is it that most of the world's problems can't be solved by
listening to John Coltrane? -- Henry Gabriel
to unsubscribe send a message to firstname.lastname@example.org with
the word 'unsubscribe' in a single line as the message text body.