[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
Luckily the IETF has a standing policy to ignore local (political)
issues (such as key length restrictions) during the standards process.
The fact that some of us live in less-free countries does not mean
that the standard cannot require us to create something that might be
illegal to use in (or export from) our own country. This means we
can reasonably ignore political issues when answering these technical
questions.
So, the question is: TECHNICALLY, is there any reason not to use
'must' in this case?
-derek
Paul Koning <pkoning@xedia.com> writes:
> As you well know, some of us (fortunately not you) have to deal with
> government restrictions on key length. That means that a particular
> product may be required to reject (for example) RC4 keys longer than
> 56 bits even though longer keys require no more processing. The
> reason is not technical but political.
>
> Similarly, in other countries a customer may be prohibited from using
> keys longer than, say, 128 bits, so again the implementation would
> have to reject your hypothentical proposal of a 448 bit key.
>
> So while I'm comfortable with "should", I cannot accept "must".
>
> paul
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL N1NWH
warlord@MIT.EDU PGP key available
Follow-Ups:
References: