[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IKEv2 algorithms and UI suites comments



At 6:54 PM -0400 6/20/03, Black_David@emc.com wrote:
>Section 4.1.3
>
>At the risk of reopening an old topic, given the
>absence of a specification for use of RC4 with ESP
>and the known risks of stream cipher-based design
>by non-experts, would SHOULD NOT be more appropriate
>than MAY for ENCR_RC4?

Or, better yet, not list it at all? If we can't define precisely how 
to use it, we shouldn't give it an IANA number at all. If someone 
later defines it in an RFC, they can get an IANA number then.

>UI Suites: draft-ietf-ipsec-ui-suites-01.txt                     
>
>Section 2.2, "VPN-B" suite specifies:
>
>Pseudo-random function   AES-XCBC-MAC-96 [AES-XCBC-MAC]
>
>Shouldn't that be AES-XCBC-MAC without the -96 (only
>for the prf)?
>
>The -96 version discards 32 bits at the final
>step because only 96 bits are sent on the wire, but
>that's not desirable behavior for a prf, and the full
>specification of the 128 bit version (including
>128 bit test vectors) is in the [AES-XCBC-MAC] draft.

It should actually be to the new PRF-AES-XCBC-128 draft. I'm waiting 
for the WG chairs to approve the document as a WG document, or to say 
that we should use 96-bit PRF here.

--Paul Hoffman, Director
--VPN Consortium