[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms
>>>>> "Yoav" == Yoav Nir <ynir@CheckPoint.com> writes:
Yoav> Me too. With a statement that keys weaker than a certain level
Yoav> (say, 128 bits although 96 is probably enough) SHOULD NOT be
Yoav> used, I can live with DES being demoted to a SHOULD NOT.
96 is probably enough but it's not a common keysize, so 128 makes
Yoav> Still, I think that DES fits better with the definition of MAY:
Yoav> "One vendor may choose to include the item because a particular
Yoav> marketplace requires it or because the vendor feels that it
Yoav> enhances the product while another vendor may omit the same
But "MAY" is neutral, it expresses no value judgement about the
choice. "SHOULD NOT" also allows the vendor to choose but clearly
recommends that you don't implement it. That's the messsage I'd like
to see for short-key ciphers.