[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SHOULD NOT DES (was RE: Editorial: Use of MAY...)
> You're still jumping to conclusions -- the fact that you have not heard
> from me about the variable-length ciphers tells you nothing about my
> position on them, so you cannot legitimately infer that I consider dealing
> with them unimportant. (And your "zero encryption" remark remains odd,
> because none of the RFC 2451 variable-length ciphers goes down to
And the null cipher for ESP is qualitatively different; it's an
alternative to AH for applications where privacy is clearly not
> My position on them actually lines up closely with David Wagner's most
> recent message: they *are* lower priority -- not because they are better,
> but because they are little-used and do have at least the option of longer
> keys -- but it would nevertheless be good to deal with them too. Dealing
> properly with DES, however, is *important*.
And, for the record, "What Henry Said".