Re: I-D ACTION:draft-ietf-ipsec-esp-ah-algorithms-00.txt

[chris stillson <stillson@cardholder.eng.sun.com>]

This draft bilds down to the following tables:

      Requirement    Encryption Algorithm
      -----------    --------------------
      MUST           NULL (1)
      MUST-          TripleDES-CBC [RFC 2451]
      SHOULD+        AES-CBC with 128-bit keys [RFC 3602]
      SHOULD         AES-CTR [AES-CTR]
      SHOULD NOT     DES-CBC [RFC 2405] (3)

      Requirement    Authentication Algorithm
      -----------    ------------------------
      MUST           HMAC-SHA1-96 [RFC 2404]
      MUST           NULL (1)
      SHOULD+        AES-XCBC-MAC-96 [RFC 3566]
      MAY            HMAC-MD5-96 [RFC 2403] (2)

      Requirement    Algorithm
      -----------    ---------
      MUST           HMAC-SHA1-96 [RFC 2404]
      SHOULD+        AES-XCBC-MAC-96 [RFC 3566]
      MAY            HMAC-MD5-96 [RFC 2403] (1)


The +/- distinction is splitting hairs. MUST/SHOULD/MAY are enough to
convey any distinctions. Also, although MD5 has some know problems,
the fact that it's faster than SHA1 and provides enough security for
most uses implies that it should be a "SHOULD", if not a "MUST"

Also, AES-CBC should be a "MUST". It is quickly becoming the standard
in the same way DES was, with a much higher throughput and degree of
security. DES-CBC should be a "MUST NOT", but people will want it so
we will have to provide it.

chris stillson
IPSEC crypto monkey
x82477

Note: Preceding comments written by an engineer. There is nothing
to read into them. He really has no hidden motives or agendas.

1.Right Understanding 2.Right Thoughts 3.Right Speech 4.Right Action 
5.Right Livelihood 6.Right Effort 7.Right Mindfulness 8.Right Concentration 
--Please inform author if he has forgotten about any of these