[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms

To: ipsec@lists.tislabs.com
Subject: Re: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
From: daw@mozart.cs.berkeley.edu (David Wagner)
Date: 11 Jun 2003 16:44:19 GMT
Distribution: isaac
Newsgroups: isaac.lists.ipsec
Organization: University of California, Berkeley
References: <16103.11318.799282.793338@pkoning.dev.equallogic.com> <000401c33027$f5ca27b0$292e1dc2@YnirNew>
Sender: owner-ipsec@lists.tislabs.com

Yoav Nir wrote:
>So RC4, Blowfish and IDEA are "MAY", but DES is "SHOULD NOT"?  I think those
>should be at least as discouraged as DES.

That seems about right.  DES has a 56-bit key, and hence is a poor choice
for deployment in new systems.  Blowfish and IDEA are believed to be much
stronger.

RC4, on the hand, shouldn't be there.  Are you sure that RC4 is a "MAY"
in the IPSec RFCs?  If so, that should be fixed.

References:
- Re: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
  - From: Paul Koning <pkoning@equallogic.com>
- RE: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
  - From: "Yoav Nir" <ynir@CheckPoint.com>

Prev by Date: RE: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
Next by Date: Re: SHOULD NOT DES (was RE: Editorial: Use of MAY...)
Prev by thread: Re: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
Next by thread: RE: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
Index(es):
- Date
- Thread