[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SHOULD NOT DES (was RE: Editorial: Use of MAY...)

On Wed, 11 Jun 2003, Yoav Nir wrote:
> DES may be too weak for some applications, but it is a widely used standard.

As is sending passwords in clear with no encryption at all.  Just because
it is widely used doesn't mean it is good enough for us to recommend it
for use in IPsec.

"Neglect of duty does not cease, by repetition, to be neglect of duty."
							-- Napoleon

> It is up to the user to decide whether DES is strong enough for their
> application or not.

Correct, and it is up to us to indicate wise choices for the bulk of
applications.  "SHOULD NOT" is precisely the right wording here -- it
specifies something that is typically unwise but may be necessary in
unusual circumstances. 

IPsec has long suffered from an unwillingness to make decisions and give
specific recommendations, even when the technical issues were clear-cut. 
It is time to be a bit more decisive.

> We wish the standards to ensure interoperability...

And security.  Which DES no longer delivers very well.

The FreeS/WAN project dropped single-DES support over four years ago, at
management insistence.  This caused surprisingly few interoperability
problems.  (There were one or two.)  I think it is now quite safe to say
that DES-only environments involve either obsolete software or specialized
requirements -- a perfect case for SHOULD NOT.

                                                          Henry Spencer