[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

MD5 considered harmful

Subject: MD5 considered harmful
From: Grzegorz at Janoszka.pl (Grzegorz Janoszka)
Date: Fri, 27 Jan 2012 23:11:50 +0100
In-reply-to: <[email protected]>
References: <CABLLS=M6n9Sye_OVeXZ-1a+LCfQ9KBTRFpUpmbhhEY_j6HNXhA@mail.gmail.com> <[email protected]> <CAL9jLaabYat3jDOXmUBqM=kfPbJaC05XbjONbEa9juqGaosLAg@mail.gmail.com> <[email protected]> <CAL9jLaah5USAPA50SgxLyTi2sdQdpCrP_mzf3sPGBw1jMLDksQ@mail.gmail.com> <[email protected]>

On 27-01-12 21:52, Patrick W. Gilmore wrote:
> Who would want to reset a BGP that will come back up in 30-90 seconds when you can packet an entire router off the 'Net easier, more quickly, and for longer a period?

+1

Actually, when you have lot of MD5 BGP session coming up at the same
time (a connection to internet exchanges went up), you have longer
convergence time because of higher cpu load. MD5 offers no security
advantages and in some cases it causes more downtime by slowing down
convergence.

-- 
Grzegorz Janoszka

References:
- MD5?
  - From: bstengel at kinber.org (Brian Stengel)
- MD5?
  - From: sethm at rollernet.us (Seth Mattinen)
- MD5?
  - From: morrowc.lists at gmail.com (Christopher Morrow)
- MD5?
  - From: jlewis at lewis.org (Jon Lewis)
- MD5?
  - From: morrowc.lists at gmail.com (Christopher Morrow)
- MD5 considered harmful
  - From: patrick at ianai.net (Patrick W. Gilmore)

Prev by Date: BGP Update Report
Next by Date: 10GE TOR port buffers (was Re: 10G switch recommendaton)
Previous by thread: MD5 considered harmful
Next by thread: MD5 considered harmful
Index(es):
- Date
- Thread