[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms

To: daw@mozart.cs.berkeley.edu (David Wagner), ipsec@lists.tislabs.com
Subject: Re: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
Date: Wed, 11 Jun 2003 10:57:15 -0700
In-Reply-To: <bc7mgd$l6n$2@abraham.cs.berkeley.edu>
References: <16103.11318.799282.793338@pkoning.dev.equallogic.com><000401c33027$f5ca27b0$292e1dc2@YnirNew><16103.13425.642338.266792@pkoning.dev.equallogic.com><p05210602bb0d0633620f@[63.202.92.152]><bc7mgd$l6n$2@abraham.cs.berkeley.edu>
Sender: owner-ipsec@lists.tislabs.com

At 4:48 PM +0000 6/11/03, David Wagner wrote:
>I don't recall a MAY requirement for any 40-bit cipher. We debated
>40-bit ciphers a long time ago (remember export controls?), and we came
>to consensus many years ago that 40-bit ciphers have no place in IPSec.
>Are you saying there is a MAY requirement for a 40-bit cipher?  If so,
>that should be fixed, but I don't believe it.

draft-ietf-ipsec-ikev2-algorithms-02.txt, the document under 
discussion, has MAY level for many encryption algorithms that have 
key sizes down to 40. It's pretty clear in the draft, regardless of 
what you believe.

>By the way, what matters is not whether a cipher could support 40-bit
>keys, but whether, /as standardized in IPSec/, it uses 40-bit keys.
>There's nothing wrong with the former; but the latter is to be avoided.

Anyone who wanted to write a replacement for RFC 2451 has had almost 
five years to do so; so far, no one has.

--Paul Hoffman, Director
--VPN Consortium

Follow-Ups:
- Re: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
  - From: daw@mozart.cs.berkeley.edu (David Wagner)

References:
- Re: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
  - From: Paul Koning <pkoning@equallogic.com>
- RE: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
  - From: "Yoav Nir" <ynir@CheckPoint.com>
- RE: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
  - From: Paul Koning <pkoning@equallogic.com>
- RE: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
  - From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
- Re: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
  - From: daw@mozart.cs.berkeley.edu (David Wagner)

Prev by Date: Re: SHOULD NOT DES (was RE: Editorial: Use of MAY...)
Next by Date: Fwd: LAST CALL: IKE Crypto documents I-D's
Prev by thread: Re: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
Next by thread: Re: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
Index(es):
- Date
- Thread