Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
hank at efes.iucc.ac.il
Sun Jan 4 07:22:06 UTC 2009
At 06:44 PM 03-01-09 +0100, Mikael Abrahamsson wrote:
>On Sat, 3 Jan 2009, Hank Nussbacher wrote:
>>You mean like for BGP neighbors? Wanna suggest an alternative? :-)
>Well, most likely MD5 is better than the alterantive today which is to run
>no authentication/encryption at all.
>But we should push whoever is developing these standards to go for SHA-1
>or equivalent instead of MD5 in the longer term.
Who is working on this? I don't find anything here:
All I can find is:
Nothing on replacing MD5 for BGP.
More information about the NANOG