On Wed, 28 Feb 2001, *Hobbit* wrote:

> Earlier versions of the IPSEC standards required single-DES at a
> minimum, so it's not surprising that holdovers of this sort exist in
> any product. Would it be worth collecting a public list of "IKE to
> watch out for"?

i spoke to some folks at Cisco a couple of months ago, and one of the
things i inquired about was an ETA on VPN products shipping with AES. they
told me that at the time they weren't even looking at it since it was
still up in the air. as of today (feb 28, 2001) a deaft FIPS standard is
available on AES:


however, it's still a draft. it has 90 days of public review. in their
factsheet, NIST states that some time in late spring 2001 or early summer
of this year AES will be finalized.

aside from DES and 3DES, it looks like nothing else can reasonably be
standardized on. and with AES in the wings, so close in terms of a product
development and production cycle, this seems like a wise decision.

as such, i expect that this list of weak encryption products will be
lengthy. this is a real bummer than good, strong VPN encryption products
wont be available on the consumer market for some time. i'm just not
comfortable with DES for the obvious reasons, and 3DES seems to have its
occassional implementation problem, as well.

(in the meantime i have been using OpenBSD IPSec VPNs with Blowfish

