----- Original Message ----- From: "Randy Bush" <randy@psg.com> To: "Pierre Baume" <pierre@baume.org> Cc: "Poul-Henning Kamp" <phk@critter.freebsd.dk>; "Andrei Robachevsky" <andrei@ripe.net>; "Olafur Osvaldsson" <oli@isnic.is>; <db-wg@ripe.net> Sent: Friday, March 29, 2002 6:21 PM Subject: Re: MD5 proposal
My main concern here would be that basing the proposed method on an implementation (md5-crypt), which may change or may be mixed with some other implementation, rather than on the documented algorithm (md5 hash), which cannot, may cause confusion in the future. the way out of this would seem to be for someone to write an internet draft on salted md5 and process it through the ietf security area. I'm looking into this. Any other volunteers/suggestions?
keep it simple. what is the minimal draft to accomplish what is needed? do that.
randy