[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "Default" cipher and authenticator

To: ipsec@tis.com, Rodney Thayer <rodney@sabletech.com>
Subject: Re: "Default" cipher and authenticator
From: Ran Atkinson <rja@inet.org>
Date: Tue, 22 Jul 97 14:55:30 GMT Daylight Time
References: <3.0.1.32.19970721181204.007da320@pop3.pn.com>
Sender: owner-ipsec@ex.tis.com

--- On Mon, 21 Jul 1997 18:12:04 -0400  Rodney Thayer <rodney@sabletech.com> wrote:

> I didn't think we made SHA-1 part of the minimum default.  I thought it was
> just HMAC MD5.  I agree with the DES CBC Explicit IV.

In 1996, the IESG objected to having two mandatory-to-implement authentication
algorithms.  At that time, I thought the result was that HMAC MD5 was 
mandatory-to-implement and standard while HMAC SHA-1 was optional-to-implement 
and standard.

Things could easily be different now.  I'd be interested in hearing 
a definitive answer on this question from the current co-chairs.

Ran
rja@inet.org

References:

"Default" cipher and authenticator

From: Rodney Thayer <rodney@sabletech.com>

Prev by Date: Re: New draft -- IPSEC ESP
Next by Date: Re: New draft -- IPSEC ESP
Prev by thread: Re: "Default" cipher and authenticator
Next by thread: Re: "Default" cipher and authenticator
Index(es):
- Main
- Thread