Hi I think this document is ready.
A quick glance at the tables in section two lead me to ask some questions: Why is DES singled out, while things like HMAC-MD5 are not discouraged? Why is there no algorithm diversity? Why is HMAC-SHA-256 not there? However, reading section 4 answered all of those questions, so I think it’s clear. The only nit I can find is that “+” means “in the future this will be more encouraged”, and “-“ means “in the future this will be less encouraged, except for “SHOULD NOT+”. It might be more consistent if that was called “SHOULD NOT-“. But that is nit-picking, as the text does explain what that means. Yoav On Feb 25, 2014, at 8:48 PM, Yaron Sheffer <yaronf.i...@gmail.com> wrote: > Hi, this is to start a 2-week working group last call on the revised > Algorithm Implementation Requirements document, ending March 11. The draft is > at: http://tools.ietf.org/html/draft-ietf-ipsecme-esp-ah-reqts-01. We should > have last called the draft a while ago, and I apologize for the delay. > > The changes from the existing requirements are listed in Sec. 2.5 of the > draft, but most of this (rather short) document is new and describes the > rationale for the choice of algorithms and requirement levels. > > Please read this draft and send any comments to the WG mailing list, even if > the comments are "I see no problems". Comments such as "I do not understand > this part" or "this part could be explained better in this way" are > particularly useful at this point. > > Thanks, > Yaron > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec