[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SHOULD NOT DES (was RE: Editorial: Use of MAY...)


On Wed, Jun 11, 2003 at 11:54:33AM -0400, Bill Sommerfeld wrote:
> > The FreeS/WAN project dropped single-DES support over four years ago, at
> > management insistence.  This caused surprisingly few interoperability
> > problems.  (There were one or two.)  I think it is now quite safe to say
> > that DES-only environments involve either obsolete software or specialized
> > requirements -- a perfect case for SHOULD NOT.
> One more vote for SHOULD NOT.

One more vote for SHOULD NOT.

Single-DES should be treated like NULL cipher. It has been broken.
People will start laughting at you if this goes into the RFC any different

> 						- Bill

p.s. I actually know people who are already 'amused' that this topic
requires such an extensive discussion.
p.s.s.: History taught us that the 'we let it up to the user to decide'-attitude
does not work in the real world.