[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ISAKMP/Oakley algorithms
> In draft-ietf-ipsec-isakmp-oakley-02.txt it lists encryption and hash
> algorithms that are not listed with draft-ietf-ipsec-doi-02.txt (IDEA,
> Blowfish, Tiger). Should we try and keep all protocols the same between
> both levels or at least try and include the same commone core
> algorithms.
Those algorithms are used to protect ISAKMP-ISAKMP communication and are
not bound by the IPsec DOI. Ideally, a draft-ietf-ipsec-isakmp-oakley-02.txt
compatible peer can negotiate more than just IPsec.
I don't want to remove these algorithms to "keep all protocols the same"
but that goal can also be realized by writing an AH-Tiger-HMAC document,
and an ESP-IDEA-CBC-REPLAY-et-al document, etc. (insert emoticon here).
> Basically, I'd like to see DES3 added to this list as well a reference
> that points to these other les common algorithms.
Applied Cryptography references IDEA and Blowfish. I can add a reference
to Tiger.
Dan.
-------------------------------------------------------------------------------
Dan Harkins | E-mail: dharkins@cisco.com
Network Protocol Security, cisco Systems | phone: +1 (408) 526-5905
170 W. Tasman Drive | fax: +1 (408) 526-4952
San Jose, CA 95134-1706, U.S.A. | ICBM: 37.45N, 122.03W
-------------------------------------------------------------------------------
For your safety and the safety of others: concealed carry, and strong crypto
-------------------------------------------------------------------------------
References: