[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms

On 11 Jun 2003, David Wagner wrote:
> I don't recall a MAY requirement for any 40-bit cipher.  We debated
> 40-bit ciphers a long time ago (remember export controls?), and we came
> to consensus many years ago that 40-bit ciphers have no place in IPSec.
> Are you saying there is a MAY requirement for a 40-bit cipher?  If so,
> that should be fixed, but I don't believe it.

RFC 2451 Blowfish allows keys as short as 40 bits, as does RFC 2451 CAST. 
RFC 2451 IDEA does not. 

                                                          Henry Spencer