[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Crypto algorithms for IKEv2

To: ipsec@lists.tislabs.com
Subject: Re: Crypto algorithms for IKEv2
From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
Date: Wed, 14 May 2003 16:42:23 -0700
In-Reply-To: <p0521060cbad316b2792a@[63.202.92.152]>
References: <p0521060cbad316b2792a@[63.202.92.152]>
Sender: owner-ipsec@lists.tislabs.com

Greetings again. Based on the feedback from the WG, I have revised my 
crypto algorithms for IKEv2 draft. The new version is available at 
<ftp://ftp.ietf.org/internet-drafts/draft-hoffman-ipsec-algorithms-01.txt>.

The changes are:

2.1: Removed ENCR_DES_IV32 and ENCR_RC4, which didn't have references,
and renumbered the ones below them. Also added draft names for AES
ciphers.

2.2: Added a reference for PRF_AES128_CBC, but am not sure this is
correct or sufficient.

2.3: Removed DES_MAC because there was no reference for it. Renumbered.
Added reference for AUTH_AES_XCBC_96.

3.1 and 3.2: Added requirements for perfect forward secrecy.

3.2: Updated the IDs because of the renumbering in sections 2.1 and 2.3.

Please review the document and post any comments to the WG mailing 
list. It would be good to get this part of the IKEv2 work finished 
soon.

--Paul Hoffman, Director
--VPN Consortium

Prev by Date: RFC 3526 on More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)
Next by Date: Re: Peer liveliness
Prev by thread: Re: Crypto algorithms for IKEv2
Next by thread: Re: ikev2-07: last nits
Index(es):
- Date
- Thread