[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: starting on asking THE QUESTION
We'v volunteered to work with Jeff Schiller to come up with
appropriate draftage on othe DOI values and related parameters.
Just throwing DOI numbers over the wall is not productive. We're
still all dealing with the initial whimsical set -- how many people
implement HMAC-TIGER for example?
At 06:10 PM 7/15/99 +0300, you wrote:
>At 14:55 15.7.1999 +0200, Robert wrote:
>>
>> - DES in CBC mode [MD97]
>> - HMAC with MD5 [MG97a]
>> - HMAC with SHA-1 [MG97b]
>> - NULL Authentication algorithm
>> - NULL Encryption algorithm
>>
>
>Rodney wrote:
>> I think we need to have a second cipher to use, in the event 3DES is
>> found to be unsafe. This is not a reflection on the quality of 3DES.
>> In my opinion there are genuine legitimate concerns about the use of
>> DES, and there are definitely people out there in the commercial world
>> who wish to phase out it's use.
>
>There is no actual need to do anything.
>Everybody has implemented 3DES.
>We do have a second cipher to use, and even a third one,
>CAST-128 and blowfish. If people in the commercial world wish
>to use something else than DES, they can.
>
>If we add a "SHOULD implement CAST-128", does it matter?
>
>While we're at it, I'm very annoyed that there still are no
>values for using DESX in ISAKMP and IPsec. Could
>Mr. Tero "I have more ciphers than you have bits in your key" Kivinen
>please start the allocation of values to negotiate DESX, MARS,
>RC6, Rijndael, TwoFish and skipjack? Both Phase I and II.
>There are so many open slots, it wouldn't matter if we allocate
>numbers for all AES candidates.
>
>Jörn
>
>
References: