Date: Thu, 15 Mar 2001 12:21:50 -0800 From: "Jonathan Graehl" <jonathan@graehl.org> To: "freebsd-Arch" <freebsd-arch@FreeBSD.ORG> Subject: RE: ftpd SITE MD5 and "really bad links" Message-ID: <NCBBLOALCKKINBNNEDDLGEJBDMAA.jonathan@graehl.org> In-Reply-To: <200103152003.PAA48601@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
A digest of the file would be significantly more useful if the FTP server had a site key, and transmitted the digest plus the digest encrypted with that private key. Then you would actually *know* you got the right file, as opposed to knowing you got the file that somebody, not necessarily the FTP server, wanted you to get ;) RIPEMD160 looks credible at first glance, although I'm surprised it isn't an RFC (2857 specifies using it with HMAC, though). -Jon > In article <NCBBLOALCKKINBNNEDDLIEIPDMAA.jonathan@graehl.org> you write: > >MD5 is also held to have some cryptographic weaknesses (compared to, > >say, SHA-1 or Tiger); is the feeling that it is more than sufficient > >against any conceivable systematic/accidental source of error not > >specifically designed to exploit what weaknesses MD5 has? > > If such a command were being officially standardized, it would > probably be called "DIGEST <type-of-digest> <file> [offset [length]]" > to allow for other types of message-digest algorithms, with a command > to show the available digest types. (Apparently many European > concerns will object to any message digest-using protocol that doesn't > allow for RIPEMD160, regardless of whether it's actually > security-sensitive.) > > I'd be happy to write this up as an RFC and take it through the > process, if someone wants to implement it. (Obviously, the initial > implementation should be "SITE DIGEST" and then we can change it if > the unqualified version makes it through the Internet Standards > Process.) > > -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NCBBLOALCKKINBNNEDDLGEJBDMAA.jonathan>