[Babel-users] hmac merge
Juliusz Chroboczek
jch at irif.fr
Mon Nov 12 15:52:34 GMT 2018
> In looking over the bird patch, it looks like I merged the wrong
> thing.
Yes, it looks like it. hmac-challenge is the right code.
Weronika, perhaps you could rename the branch hmac to something less
exciting?
Dave, please be aware that the HMAC code is not quite finished yet. Once
we got a working prototype, we focused on getting the protocol
specification in time for IETF-102 and before the girls' internship ended.
In particular, we need to do some restructuring to current master (passing
an interface pointer to a number of functions that lost access to the
interface structure in the unicast refactoring) before we can merge HMAC.
The following features are supported by the protocol but not by the
implementation :
- graceful key rotation (ability to add/remove keys at runtime);
- graceful deployment (ability to send signed packets but accept
unsigned ones).
> I do have one objection to the codebase, in that it pulls in
> libgcrypt, ssl, and pthreads... about 5MB? of libs... for two hash
> functions.
Yeah, we should just include an implementation of SHA-256 in the code.
-- Juliusz
More information about the Babel-users
mailing list