SeND Hash Threat Analysis

Document Type Replaced Internet-Draft (individual)
Authors Ana Kukec  , Suresh Krishnan  , Sheng Jiang 
Last updated 2008-10-27 (latest revision 2008-07-01)
Replaced by RFC 6273
Stream (None)
Intended RFC status (None)
Expired & archived
plain text htmlized pdfized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-csi-hash-threat
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document analysis the use of hashes in SeND, possible threats and the impact of recent attacks on hash functions used by SeND. Current SeND specification [rfc3971] uses SHA-1 [sha-1] hash algorithm and PKIX certificates [rfc3280] and does not provide support for the hash algorithm agility. Based on previous analysis, this document suggests multiple hash support that should be included in the SeND update specification.


Ana Kukec (
Suresh Krishnan (
Sheng Jiang (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)