[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Unfixed errors and issues indraft-ietf-ipsec-ikev2-algorithms-03.txt

To: ipsec@lists.tislabs.com
Subject: Unfixed errors and issues indraft-ietf-ipsec-ikev2-algorithms-03.txt
From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
Date: Mon, 18 Aug 2003 11:41:50 -0700
Sender: owner-ipsec@lists.tislabs.com

Greetings again. The latest version of the IKEv2 algorithms document 
still has significant errors and issues that were pointed out earlier 
but not fixed. The WG discussion made it clear that the algorithms 
document should only list strong cryptography that is expected to 
widely used.

- There is still a definition for "SHOULD-" even though it not used 
as a designator in the document.

- PRF_HMAC_TIGER is given a value even though it is wholly unused in 
the real world in IKEv1.

- AUTH_DES_MAC and AUTH_KPDK_MD5 are listed even though few (if any!) 
implementations of IKEv1 have them. Further, the reference for 
AUTH_KPDK_MD5 seems bogus.

Also, as a nit, there are many references missing.

--Paul Hoffman, Director
--VPN Consortium

Prev by Date: IKEv2 SA rekeying - naming an initial SA
Next by Date: IKEv2 INFO exchange question???
Prev by thread: Re: IKEv2 SA rekeying - naming an initial SA
Next by thread: IKEv2 INFO exchange question???
Index(es):
- Date
- Thread