Oftentime, the _algorithm_ spec itself (for example, RFC 1321 for MD5, or the appropriate FIPS document for SHA-1 and/or DES) contains this information. I'd been under the working assumption to read the algorithm spec., as well as the "using algorithm <FOO> with IPsec." Just my $0.02 worth. Dan