[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
Paul Hoffman / VPNC wrote:
>Any algorithm with a variable key size could be considerably weaker
>than DES. Unless you are going to start listing key sizes and giving
>each size a rating, saying SHOULD NOT for DES but MAY for some other
>algorithm that can use 40-bit keys is silly.
I don't recall a MAY requirement for any 40-bit cipher. We debated
40-bit ciphers a long time ago (remember export controls?), and we came
to consensus many years ago that 40-bit ciphers have no place in IPSec.
Are you saying there is a MAY requirement for a 40-bit cipher? If so,
that should be fixed, but I don't believe it.
In short, I don't see how your argument is relevant to whether DES is
a SHOULD NOT, a MAY, or something else.
By the way, what matters is not whether a cipher could support 40-bit
keys, but whether, /as standardized in IPSec/, it uses 40-bit keys.
There's nothing wrong with the former; but the latter is to be avoided.