[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
Suppose my policy is configured for NULL encryption, would this mean I MUST
encrypt if the offer proposes, say, 3DES first and NULL second?
At 09:38 AM 6/3/99 -0700, Derrell D. Piper wrote:
>> So let me ask the entire working group: should vendors be prohibited from
>> accepting a key length greater than what they have configured? Should they
>> be prohibited from accepting a stronger group?
>
>Absolutely not and I'd go so far as to make it a SHOULD instead of a MAY.
>
>We're trying to design good security, not workarounds for bad
implementations.
>
>Derrell
>
>
Follow-Ups:
References: