--On Monday, 27 November, 2006 17:50 +0000 Alexey Melnikov
I would like to solicit some reviews of the 2554bis draft.
I am planning to get it done by the end of this year, with
IETF LC in January next year.
I've skimmed through this; nothing jumps out at me as a
(1) It seems a little more complex than my intuition says it
needs to be. My intuition could be wrong.
(2) Wrt the debate about CRAM-MD5 versus DIGEST-MD5, I think
what we have been told is that neither is safe unless protected
by transmission encryption. If that encryption is present, it
is not clear to me that CRAM-MD5 is much weaker (and it is
certainly more widely implemented and deployed). If that
encryption is not present, I think we have been told that _no_
challenge-response mechanism based on an MD5 hash can, any
longer, be considered adequate. If one could say "one good,
the other bad", then CRAM-MD5 ought to be history but, unless
I've misunderstood the security advice, that statement no longer
(3) The comments about line lengths of the Base64 strings, and
perhaps a few other things, smack of the possibility of having
to do an out-of-band negotiation or agreement about sizes
between client and server. If that is not the case, the text
could use a little cleaning up, perhaps in the form of a
reference to whether the necessary lengths can be found for each
possible method. If it is... well, that is trouble.