[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
Yoav Nir wrote:
>So RC4, Blowfish and IDEA are "MAY", but DES is "SHOULD NOT"? I think those
>should be at least as discouraged as DES.
That seems about right. DES has a 56-bit key, and hence is a poor choice
for deployment in new systems. Blowfish and IDEA are believed to be much
stronger.
RC4, on the hand, shouldn't be there. Are you sure that RC4 is a "MAY"
in the IPSec RFCs? If so, that should be fixed.