[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: draft-ietf-ipsec-esp-des-md5-01.txt
> quoting from the draft:
>
> This draft describes a combination of privacy and optionally,
> authentication, integrity and replay prevention into a single packet
> format.
>
> and later:
>
> The combinations of transformations are negotiated at key
> establishment time such as described in ISA/KMP [Maughan96] and
> Oakley [Orman96]. To conform with this RFC, of the 3 transforms
> documented in this RFC, only esp-DES-HMAC-RP shall be
> implemented.
>
> Ok, is integrity protection mandatory or not?
The text here seems to be clumbsy.
> My impression (and please correct me if I'm wrong) was that the
> consensus of the WG at the LA IETF was that privacy without integrity
> was too dangerous to implement; however, this draft is internally
> inconsistant about whether integrity is mandatory, and specifies
> transforms which it says should not be implemented.
>
> What's changed?
Nothing has "changed". If anything my text is less than clear.
The mandetory transform is des-hmac. It is optional to not have the integrity
and not to have replay.
As Bellovan has stated, DES-CBC without integrity has several vulnerabilties,
but that does not eliminate the viabilitiy of a des-only transform for
performance sensitive solutions that understand these vulnerabilities and
make an informed decision that the elimination of the hmac is not a problem.
Suggested text for the above 2 paragraphs will be welcome.
Is Ran's text replacent better?
jim