RFC 3967, "Clarifying when Standards Track Documents may Refer Normatively to Documents at a Lower Level", December 2004Source of RFC: IETF - NON WORKING GROUP
Area Assignment: gen
Errata ID: 706
Publication Format(s) : TEXT
Reported By: Alfred Hoenes
Date Reported: 2005-01-03
Rejected by: Russ Housley
Normative references to HMAC in future IETF Standards Track documents should always refer to FIPS-198 instead of RFC 2104.
(2) MD5 [RFC1321] According to the contemporary cryptographic literature, protocols should now better use SHA-xxx (xxx = [1 / ] 224 / 256 / 384 / 512) as a cryptographic hashing primitive instead of MD5. See - FIPS PUB 180-2, issued '2002 August 1', and amended by Change Note 1, issued '2004 February 25', for SHA-224, and - RFC 3174 (for SHA-1) and RFC 3874 (for SHA-224) -- based on above. FIPS 180-2 should be used for Normative References in future IETF Standards Track documents.
It should say:
SHA-1 (as well as MD5) already is no more recommended for new
applications to be used in the public administration and economy
within the European Union, see the URL given in Remark 2 above!
2021-10-06: moved from Held for Document Update to Rejected per request from Murray Kucherawy. This erratum was reviewed while working on a bis document.