[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms



>>>>> "Yoav" == Yoav Nir <ynir@CheckPoint.com> writes:

 Yoav> Me too.  With a statement that keys weaker than a certain level
 Yoav> (say, 128 bits although 96 is probably enough) SHOULD NOT be
 Yoav> used, I can live with DES being demoted to a SHOULD NOT.

96 is probably enough but it's not a common keysize, so 128 makes
sense. 

 Yoav> Still, I think that DES fits better with the definition of MAY:
 Yoav> "One vendor may choose to include the item because a particular
 Yoav> marketplace requires it or because the vendor feels that it
 Yoav> enhances the product while another vendor may omit the same
 Yoav> item."

But "MAY" is neutral, it expresses no value judgement about the
choice.  "SHOULD NOT" also allows the vendor to choose but clearly
recommends that you don't implement it.  That's the messsage I'd like
to see for short-key ciphers.

   paul