netsec-sig - Re: [Security-WG] I2 - MD5/TCP-AO Discussion Paper, draft
Subject: Internet2 Network Security SIG
List archive
- From: Michael H Lambert <>
- To:
- Subject: Re: [Security-WG] I2 - MD5/TCP-AO Discussion Paper, draft
- Date: Thu, 30 Mar 2017 14:43:50 -0400
- Ironport-phdr: 9a23:ui3uuBEmUL75sM9rkCWLPp1GYnF86YWxBRYc798ds5kLTJ78o8+wAkXT6L1XgUPTWs2DsrQf2reQ4/GrADZfqb+681k6OKRWUBEEjchE1ycBO+WiTXPBEfjxciYhF95DXlI2t1uyMExSBdqsLwaK+i764jEdAAjwOhRoLerpBIHSk9631+ev8JHPfglEnjSwbLdyIRmsrgjcssYajZZ8Jqsz1xDEvmZGd+NKyG1yOFmdhQz85sC+/J5i9yRfpfcs/NNeXKv5Yqo1U6VWACwpPG4p6sLrswLDTRaU6XsHTmoWiBtIDBPb4xz8Q5z8rzH1tut52CmdIM32UbU5Uims4qt3VBPljjoMOjgk+2/Vl8NwlrpWrw6uqBJiw4DbYo+bOvlwfq3Det0XXmVBUtpUVyFbAoOwc5UDAuwcNuhYtYn9oF4OoAO5CwmtGOzvyiVHiWHy3aYn0eoqDAfI0xYlH90VrnvUtsn1P7oVXOCx1qbIyC7MYO1M2Tfh84XIagshru2WUb1ubMXR1FAiGgXYhVuTsYzoJy6Z2voOvmSB8uZtVvyjh3QnpgxyuDSj29sghpXRio4I1FzJ9j91zJs2KNGmUkJ3fN+pHIdKuy2EKod7QMUvSHxytikg0L0Jo5u7cTAKyJs5wx7fbOSKc42S7RLiUOaePy14iG9/dLKnnBa97VKsxfPhWcmpyFpKryxFncfQtn0VyhDf9MuKRuFg8kqixzqDzQDe5+JeLUwpiabXN4YtwrsqmZoStUTDEDX2mELzjKKOckUr4O2o5P/5bbX8up+RLJd0ihriPag0hMOwHPk4PhAUX2eH4eS8yKHj/UrhTbVRkPI5jrTZsIrbJcQHpq+1GgFU0ok45ha7Djemy8gYnWIZIF5feRKHiZTpNE/UIPD+E/i/n0qgnC11yP/bI72ySqnKe2POm6r7fKpsrlFT4As10d1F4Z9IUPcMLO+gdFX2sYn9DxQ5OgGwi8avLNx43I4ERSrbBqacOq7IrXeQ/elpLuWRMtxG8A3hIuQosqa9xUQynkUQKPGk
> On 30 Mar 2017, at 12:14, gcbrowni
> <>
> wrote:
>
> Many people within the community use MD5 authentication and have had little
> to no trouble, with others reporting concerns. Sites will need to weigh the
> pros and cons carefully before making a decision.
I think this sums things up very succinctly. Credential management aside,
there is the question of no authentication vs MD5 vs TCP-AO and what is
supported by a site's (and a site's peers') BGP speakers (be they vendor iron
or open source). In many cases this decision will be driven by the lowest
common denominator of features or by economics rather than by technical
considerations or risk mitigation.
Michael
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
- [Security-WG] I2 - MD5/TCP-AO Discussion Paper, draft, gcbrowni, 03/30/2017
- Re: [Security-WG] I2 - MD5/TCP-AO Discussion Paper, draft, Steven Wallace, 03/30/2017
- Re: [Security-WG] I2 - MD5/TCP-AO Discussion Paper, draft, Andrew Gallo, 03/30/2017
- Re: [Security-WG] I2 - MD5/TCP-AO Discussion Paper, draft, Andrew Gallo, 03/30/2017
- Re: [Security-WG] I2 - MD5/TCP-AO Discussion Paper, draft, Michael H Lambert, 03/30/2017
- Re: [Security-WG] I2 - MD5/TCP-AO Discussion Paper, draft, David Farmer, 03/30/2017
- Re: [Security-WG] I2 - MD5/TCP-AO Discussion Paper, draft, gcbrowni, 03/31/2017
- Re: [Security-WG] I2 - MD5/TCP-AO Discussion Paper, draft, David Farmer, 03/30/2017
Archive powered by MHonArc 2.6.19.