RE: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms

[Paul Koning <pkoning@equallogic.com>]

>>>>> "Paul" == Paul Hoffman </ VPNC <paul.hoffman@vpnc.org>> writes:

 Paul> At 10:22 AM -0400 6/12/03, Paul Koning wrote:
 >> 96 is probably enough but it's not a common keysize, so 128 makes
 >> sense.

 Paul> But only if you want to eliminate TripleDES, whose key size is
 Paul> 112 bits. No one counts the parity bits as meaningful.

Indeed, one doesn't count the parity bits.  So the 3DES key length is
168 bits, because IPsec uses 3-key 3DES.

 Paul> Yes, I'm being picky about this. As we have seen from IKEv1,
 Paul> sloppy wording which "everybody" understands at the time the
 Paul> RFC is issued becomes confusing and leads to lack of
 Paul> interoperability within a few short years.

Agreed.
	paul