
RE: Derived versus Explicit IV



I agree with Roy completely here. We've had a directive from the chair to
obsolete 1829. Bob indicated quite clearly that he saw no need for backwards
compatibility. And as stated in this thread earlier, "whether you like it or not,"
being compatible with 1829 is not a goal for this group or our documents.


From the same July 03 mail from Bob that Simpson quotes:

>Thus as an educated consumer, I reject all concerns about backwards
>compatibility.  As co-chair of a protocol group, I seriously question the
>value of backwards compatibility in this case, other than a foot-note and
>some accommodation.

"Some accommodation" does not indicate mandatory implementation of obsolete
features even in the manually configured case. 

Roy states my opinions on the rest of this thread so well that I don't feel any need
to add any more.. %)  Thanks Roy. 

This thread borders on the waste'o'bandwidth. If we're going to talk about what
should be mandatory, we must focus on what we as a group feel comfortable
putting forward within the constraints laid down by the chair. In this setting,
it seems clear that des-cbc-expliciv for ESP and hmac-md5 for AH are the
choices.

-----Original Message-----
From:	Roy Pereira [SMTP:rpereira@TimeStep.com]
Sent:	Wednesday, July 23, 1997 8:47 AM
To:	'ipsec@tis.com'
Subject:	RE: Derived versus Explicit IV


>Ted is somewhat confused.
>
>The mandatory to implement _manually_ configured algorithm is
>ciph-des-derived.

No, Bill, you are confused.  The mandatory cipher algorithm mentioned is
a relic from the days when we only had one DES transform.  Now that we
have different flavours of DES transforms (thanks to you), the mandatory
cipher algorithm needs to be more clearly defined.  This is why the
point was raised in the first place.

.
.
.

