[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPsec mandatory authentication algorithms

To: ipsec@tis.com
Subject: IPsec mandatory authentication algorithms
From: Karen Seo <kseo@bbn.com>
Date: Tue, 7 Oct 97 2:59:12 EDT
cc: kseo@bbn.com
Sender: owner-ipsec@ex.tis.com

Folks,

There's an inconsistency between the AH and ESP specs and the DOI.

  The AH and ESP specs list 2 mandatory authentication algorithms:
        - HMAC with MD5 
        - HMAC with SHA-1

  The DOI lists 1 mandatory authentication algorithm:
        - HMAC with MD5 
  and 1 "strongly encouraged" authentication algorithm:
        - HMAC with SHA-1

We pinged Derrell, Bob, and Ted and no particular reason to use one or
the other approach turned up.  So please let us know which approach
you'd prefer (and why) by 10/13.  If we don't hear from anyone, we'll
make the architecture document match the DOI, i.e., 1 mandatory and one
strongly encouraged.

Thank you,
Karen

Follow-Ups:

Re: IPsec mandatory authentication algorithms

From: "C. Harald Koch" <chk@utcc.utoronto.ca>

Prev by Date: IPsec Architecture -- proposed changes
Next by Date: I-D ACTION:draft-ietf-ipsec-esp-v2-01.txt
Prev by thread: Re: IPsec Architecture -- proposed changes
Next by thread: Re: IPsec mandatory authentication algorithms
Index(es):
- Main
- Thread