
Re: I-D ACTION:draft-ietf-ipsec-ciph-cbc-03.txt



At 06:58 PM 9/9/98 -0400, Theodore Y. Ts'o wrote:
>
>It was omitted from the IPSEC last call due to an oversight; which was
>only caught by the RFC Editor.  As the other documents, in particular
>the DOI document, contain normative references to this document, we need
>to advance this document before the other IPSEC documents can be
>advanced.

Not to argue with my good co-chair, but the oversight was the normative
references.  Back in April when we were finally getting the docs out of
last call (and yes, draft-ietf-ipsec-ciph-cbc-01.txt and 02.txt were part
of that last call in the workgroup), our AD worked with me to see if we
could 'stage' the drafts for the IESG.  draft-ietf-ipsec-ciph-cbc-02.txt
was then taken out of the list sent on to the IESG even though the doc
editor asked that it be included with the original set.  For this reason
there never was an IETF last call on it.

Now that our alert RFC editor found the normative reference, we have
rewoken the wg on this doc as Ted mentioned.  With the publication of
draft-ietf-ipsec-ciph-cbc-03.txt, there will now be an IETF last call and
then on to the IESG so we can get the full set out.

>From: "William Allen Simpson" <wsimpson@greendragon.com>
>
>   (1) If there is a need for a "normative" CBC mode description, this is
>       already available as draft-simpson-cbc-01.txt, which has long been
>       awaiting publication as Informational (no last call is needed).
>

This is the problem with wgs that take years to complete.
draft-simpson-cbc-01.txt talks about CBC, as some people felt that the IETF
needed a document defining how to do CBC.  draft-ietf-ipsec-ciph-cbc-03.txt
defines a set of CBCish crypto algorithms for use in IPsec as per the
Roadmap doc.  The name space overlap is regrettable.  And of course, not all
of the CBC cryptos are in this unified doc.  DES is not, and you, Bill, are
working on a revised DESX per the note from Bellovin and Rivest.

>   (2) Including multiple ciphers in the document makes it difficult or
>       impossible to advance.  We have often had this problem with "kitchen
>       sink" options documents in other WGs.
>
>   (3) Several of the ciphers are proprietary, and are not likely to be
>       universally implemented, again making it impossible to advance.
>
>Indeed, originally we had separate documents for each of the cipher
>algorithms.  It was the decision of the IPSEC working group that having
>five or six documents of which 90% of the text was boilerplate, and only
>a minor portion of the text was specific to an encryption algorithm was
>hard to manage, and that it would be clearer to consolidate the
>algorithms into a single document.

For those that have not looked at this doc for a while, the algorithms
included are:  3DES, RC5, CAST, IDEA, and BLOWFISH.  From casual
conversations, we very well might see all of these in a few
implementations.  I am aware of one small company for whom the IDEA
royalties are not a problem and it sounds like they have licensed BSAFE.
We shall see.  Bill's point is a good one about option groupings, but the
wg was just getting document overload.




