[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Crypto algorithms for IKEv2

To: pbaker@verisign.com
Subject: RE: Crypto algorithms for IKEv2
From: Paul Koning <pkoning@equallogic.com>
Date: Tue, 29 Apr 2003 09:10:03 -0400
Cc: jzhang@elmic.com, paul.hoffman@vpnc.org, ipsec@lists.tislabs.com
References: <CE541259607DE94CA2A23816FB49F4A301AE23C1@vhqpostal6.verisign.com>
Sender: owner-ipsec@lists.tislabs.com

>>>>> "Phillip" == Phillip Hallam-Baker <Hallam-Baker> writes:

 Phillip> At the RSA crypto panel Bruce told folk to use AES. better
 Phillip> we all use the same thing.

 Phillip> At this point I would rather we start deprecating algorithms
 Phillip> rather than add more.

 Phillip> I would especially like to get rid of RC4, including a
 Phillip> stream cipher in a list of block ciphers is real bad news,
 Phillip> especially when the traditional default has been a block
 Phillip> cipher. There are lots of unexpected problems that occur
 Phillip> with stream ciphers which is why lots of folk avoid them in
 Phillip> designs.

Considering that IPsec doesn't work with stream ciphers, that would
seem to be a very good idea.

     paul

References:
- RE: Crypto algorithms for IKEv2
  - From: "Hallam-Baker, Phillip" <pbaker@verisign.com>

Prev by Date: RE: MIB doctor review of draft-ietf-ipsec-doi-tc-mib-07.txt
Next by Date: Re: Crypto algorithms for IKEv2
Prev by thread: RE: Crypto algorithms for IKEv2
Next by thread: Re: Crypto algorithms for IKEv2
Index(es):
- Date
- Thread