
RE: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms



> Me too.  With a statement that keys weaker than a certain 
> level (say, 128 bits although 96 is probably enough) SHOULD 
> NOT be used, I can live with DES being demoted to a SHOULD NOT.
> 
> Still, I think that DES fits better with the definition of 
> MAY: "One vendor may choose to include the item because a 
> particular marketplace requires it or because the vendor 
> feels that it enhances the product while another vendor may 
> omit the same item."

We need to write requirements that have a reasonable lifetime;
keep in mind how long the MUST for DES survived.  DES is already
embarrassingly weak, and will only get weaker.

In the algorithms draft, I'd like to see:
	- SHOULD NOT use DES
	- SHOULD NOT use keys shorter than 128 bits
The latter is about key length, not effective strength of the
cipher against best known attack.

Thanks,
--David
----------------------------------------------------
David L. Black, Senior Technologist
EMC Corporation, 176 South St., Hopkinton, MA  01748
+1 (508) 293-7953             FAX: +1 (508) 293-7786
black_david@emc.com        Mobile: +1 (978) 394-7754
----------------------------------------------------