[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (IMPORTANT) Call for AH-MD5 and ESP-DES to move forward

To: Tatu Ylonen <ylo@cs.hut.fi>, perry@piermont.com
Subject: Re: (IMPORTANT) Call for AH-MD5 and ESP-DES to move forward
From: Robert Moskowitz <rgm3@is.chrysler.com>
Date: Thu, 07 Mar 1996 02:47:20 -0500
Cc: hugo@watson.ibm.com, ipsec@TIS.COM
Sender: ipsec-request@neptune.tis.com

At 10:41 PM 3/1/96 +0200, Tatu Ylonen wrote:
>
>But, in my understanding IPSEC does not "exist" yet in the same sense
>as SMTP did.  It does not yet have a wide user base, just a few small
>groups using various implementations.  I think it is probably early
>enough to simply change the spec if it is otherwise justified.
>(It may not be a bad idea to change the protocol number though if
>confusion is likely.)

I should point out that TELNET went through a similar problem; right now I
forget the option, envirnoment, I think.  They did it wrong, big time, and
there were already implementations, and Borman had to carefully architect
the movement to the 'right' way.

You have it much easier.  with a new transform # and a clear statement that
HMAC is the required transform with the old one perhaps 'historical'

Let's do a last call on HMAC, please.  As a consumer I expect you all to do
this.

Robert Moskowitz
Chrysler Corporation
(810) 758-8212

Prev by Date: cisco ISAKMP/OAKLEY implementation
Next by Date: Re: IPsec transforms
Prev by thread: Re: (IMPORTANT) Call for AH-MD5 and ESP-DES to move forward
Next by thread: what I am proposing re HMAC
Index(es):
- Main
- Thread