
Re: [saag] No need for SHA-2 Packet Authentication - Open Letter to the WG and Area Directors




On Wednesday, July 17, 2002, at 08:35 PM, Russell Dietz wrote:

> To the IPSec Working Group and Security Area Directors:
>
> The purpose of this letter is to comment on an existing Internet Draft,
> draft-ietf-ipsec-ciph-sha-256-00.txt, dated Nov 2001, co-authored by S.
> Frankel and S. Kelley. This draft, hereafter referred to as DRAFT-SHA-256
> for brevity, defines how to use the new SHA-256 algorithm from NIST (FIPS
> 180-2) for packet authentication within the ESP and AH mechanisms of IPSec.

Russell,

I'm pretty indifferent to the topic of what ought or ought not be
mandatory-to-implement or maybe even standards-track RFC versus
informational RFC.  I am remarkably indifferent to any of the
mathematical parts of your note or Uri's followup.

I do feel pretty strongly that the above referenced draft ought to be
permitted to be published, at least as an Informational RFC, so that
those folks who choose to implement/deploy it can do so in an
interoperable manner.

Trying to prevent people from publishing open specifications for
entirely optional-to-implement technology is NOT consistent with
the Internet tradition.  I would hope that the RFC Editor would
apply their own good judgement to an individual request to publish
such a document as an Informational RFC if the situation should arise.

Yours,

Ran
rja@extremenetworks.com