
Re: IPSEC SMIB




James P. Hughes says:
>> ENCRYPTION
>>
>>      ALGORITHM
>>           This is a structured, IANA-registered algorithm ID that
>> also specifies the mode of use, e.g., DES-CBC or DES-EDE2-CBC, or
>> DES-CFB-8.

> There must be a method of giving entities (corporations?) sets of numbers
> which they are allowed to control. It would be nice if these numbers were
> prefaced in such a way as being globally unique, as the IEEE 48 bit MAC
> addresses are.

I oppose this notion in the strongest possible way. We do not need
forty thousand incompatible transforms in use. The IANA should assign
one transform at a time, period. I anticipate no more than a couple
dozen being assigned in the next decade, if that many, the bulk of
those being assigned for use by groups like the military that want
specialized algorithms. I anticipate no more than a half dozen being
in common use. If more than that are assigned, and more than half a
dozen are in common use, we have done something horribly, horribly
wrong. Remember that two hosts can only communicate using a transform
if they both implement it -- huge spaces of proprietary transforms
being designed totally destroys the notion of open protocols and open
networking.

Perry

