[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
AES, AES-MAC
Hello,
I need some clarification on the current status of
the new AES algorithm in the context of the IPsec
standards. Am I correct in assuming the following:
- There are IANA numbers for the use of AES
both in IPsec and IKE
- There is a draft on the use of AES (including
losing candidates) in IPsec.
Implementing these is quite straightforward
and lots folks have implementations, including
us. But what is unclear to me is the following:
- Is there a need for 'use of AES in IKE'
document?
- What is the standards process: when do
these algorithms find their way to RFCs,
or is it enough with the IANA reservations
and the NIST standards? In particular, when
can other groups and vendors refer to the
use of AES within IPsec in some way other
than through working documents?
- I believe it is possible to use AES as
a MAC algorithm a la DES-MAC. Has this
been specified by NIST? Has it been specified
by IETF how to use it in the context of IPsec?
- I seem to remember talk about SHA-256/384/512.
What are these and have their use been
specified for IPsec? What is their relationship
to AES-MAC?
Thanks,
Jari
Follow-Ups: