I was wondering about the change of the default algorithm used by S/Key introduced in version 1.1.5-r1: The algorithm used in vanilla 1.1.5 is MD5, and that is what is suggested as the default in RFC 2289, while MD4 is now purely optional: | All conforming implementations of both server and generators MUST | support MD5. They SHOULD support SHA and MAY also support MD4. Now in -r1 (and still in -r2) the patch by skey-1.1.5-gentoo.diff changes that default from MD5 (back?) to MD4. I wonder if this isn't a step in the wrong direction, considering RFC 2289 and <http://www.rsasecurity.com/rsalabs/node.asp?id=2253>: | Dobbertin [Dob 95] has shown how collisions for the full version of | MD4 can be found in under a minute on a typical PC. In recent work, | Dobbertin (Fast Software Encryption, 1998) has shown that a reduced | version of MD4 in which the third round of the compression function | is not executed but everything else remains the same, is not | one-way. Clearly, MD4 should now be considered broken.
Tavis, please comment, as you were the one that committed the changes in -r1 about... 1 year ago :)
I had completely forgotten about this, I think it was the reporter who emailed a few months ago about it. He's quite correct, the default should be changed to md5. it's a simple fix, and app-admin/skey-1.1.5-r3 includes it.
Does everyone agree with me it should be closed without GLSA ?
Ebuild should be stable before this is closed. Target keywords : x86 ppc sparc mips alpha arm hppa amd64 ia64 s390 ppc64 Arches please test app-admin/skey-1.1.5-r3 and mark stable.
Done on hppa.
stable on x86 btw repoman reminds us that app-admin/skey/files/skey-1.1.5-gentoo.diff.gz is 37k.. that is bigger than 20k..
stable on ppc
Stable on sparc
Stable on alpha.
only s390 left ...
Closing without GLSA
s390 is done