17 Dec
2003
17 Dec
'03
11:17 p.m.
hallam@w3.org writes:
Do not spec Keyed MD5, it is a complete looser. It is actually weak against a number of attacks. There are much better constructs for creating a keyed digest. There are much better ways of creating a digest than using a hash fuinction as the base.
What??? A keyed version of MD5 is the base authentication mechanism in IPSP and it has been heavily examined by a number of very good cryptographers. Perry