[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Last ditch proposal for crypto suites

To: ipsec@lists.tislabs.com
Subject: Re: Last ditch proposal for crypto suites
From: Mouse <uri@optonline.net>
Date: Thu, 29 Aug 2002 15:54:55 -0400
In-reply-to: <20020829172419.3DF707B4C@berkshire.research.att.com>
References: <20020829172419.3DF707B4C@berkshire.research.att.com>
Reply-to: uri@optonline.net
Sender: owner-ipsec@lists.tislabs.com

On Thursday 29 August 2002 13:24, Steven M. Bellovin wrote:
> >Based on .......... the agony I hear from users, I'm a strong
> > proponent of suites.
>
> If I understand you correctly, you're saying that implementors and/or
> administrators are making different choices on what combinations to
> offer, thus hurting interoperability?  That suggests that even if we
> stick with a la carte, we should specify which combinations MUST be
> offered, from among the standard algorithms (subject to administrator
> security override, of course).

Yes.

> Aside -- and donning my AD hat for a moment -- I've become increasing
> concerned about interoperability.  We need to ensure that our
> standards, as well as being technical correct and secure, specify
> a minimum set of mandatory-to-implement mechanisms that will always
> be there.  

I'm afraid it means - we must do suites.  I myself am concerned that
my pet crypto algorithms might not be there - but still analyzing and
standardizing suites seems a much better idea than a-la carte.
-- 
Regards,
Uri-David
-=-=-<>-=-=-
<Disclaimer>

References:
- Re: Last ditch proposal for crypto suites
  - From: "Steven M. Bellovin" <smb@research.att.com>

Prev by Date: Re: Last ditch proposal for crypto suites
Next by Date: RE: Last ditch proposal for crypto suites
Prev by thread: Re: Last ditch proposal for crypto suites
Next by thread: Re: Last ditch proposal for crypto suites
Index(es):
- Date
- Thread