Loading...

sasl@ietf.org

[Prev] Thread [Next]  |  [Prev] Date [Next]

Re: [sasl] WGLC on draft-ietf-kitten-digest-to-historic-00 Simon Josefsson Sat Aug 07 05:00:20 2010

I have re-read the document and this version looks good to me.  Two
comments below.

1)

I believe the document should contain a pointer to SCRAM, RFC 5802.
Then readers will understand that they are supposed to be implementing
SCRAM instead of DIGEST-MD5.  I suggest adding at the end of section 1:

  The SCRAM mechanism [RFC 5802] has been developed to provide similar
  features as DIGEST-MD5 but with a better design.

2)

In section 1, I would add the following bullet under 8:

  C.  The DES cipher for the security layer is considered insecure
      due to its small key space.

/Simon
_______________________________________________
sasl mailing list
[EMAIL PROTECTED]
https://www.ietf.org/mailman/listinfo/sasl