Re: I-D ACTION:draft-ietf-ipsec-esp-ah-algorithms-00.txt

[Russ Housley <housley@vigilsec.com>]

I agree with Ted, but add that it is important to get implementors to 
structure their implementations so that authenticated encryption modes can 
be accommodated.  AES-CCM is important in that it is the first one of those 
that has been specified for use with ESPbis.

Russ

At 01:06 PM 12/30/2003 -0500, Theodore Ts'o wrote:
>On Tue, Dec 30, 2003 at 12:06:41PM -0500, Eastlake III Donald-LDE008 wrote:
> > I'm inclined to modify the draft to define "MAY+", meaning MAY but
> > likely to change to SHOULD, and to list AES-CCM as having that status.
>
> From my perspective, the most important thing is to encourage
>implementors to experiment with AES-CCM, and to start testing it in
>various interoperability tests.  This is far more important than
>whether or not AES-CCM is "SHOULD", or "MAY", or "MAY+".
>
>So Tero's question is probably the most pertinent one --- has anyone
>played with AES-CCM in their implementation yet?
>
>                                         - Ted