Re: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms



At 6:34 PM +0000 6/11/03, David Wagner wrote:
>It's not what size keys the cipher supports that matters; it's what size
>keys are standardized for use in IPsec.

Exactly right.

>Maybe we should add a line to RFC2451 saying that users SHOULD NOT
>use key sizes shorter than the default.  There's no good reason to use
>shorter keys.  This addition would make everything consistent with a
>SHOULD NOT policy for DES.  Will this make everyone happy?

It would certainly make me happier. That way, we would not be having 
different recommendations for IKEv1 than what we have for IKEv2. 
Actually, a complete revision to RFC 2451 would be nice, including 
removing algorithms for which there are not stable references.

--Paul Hoffman, Director
--VPN Consortium