[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SHOULD NOT DES (was RE: Editorial: Use of MAY...)
On Wed, 11 Jun 2003, Paul Hoffman / VPNC wrote:
> >> So you think it is better to give a lower recommendation for an
> >> algorithm with a known (weak) key strength than to algorithms that
> >> could be much weaker, including zero encryption.
> >Where, exactly, did either Bill or I say that? Please be precise.
>
> I only saw messages about making DES be SHOULD NOT, not any messages
> about making all the other variable-length ciphers SHOULD NOT. If you
> sent such a message and I missed it, I apologize.
You're still jumping to conclusions -- the fact that you have not heard
from me about the variable-length ciphers tells you nothing about my
position on them, so you cannot legitimately infer that I consider dealing
with them unimportant. (And your "zero encryption" remark remains odd,
because none of the RFC 2451 variable-length ciphers goes down to zero.)
My position on them actually lines up closely with David Wagner's most
recent message: they *are* lower priority -- not because they are better,
but because they are little-used and do have at least the option of longer
keys -- but it would nevertheless be good to deal with them too. Dealing
properly with DES, however, is *important*.
Henry Spencer
henry@spsystems.net