Hi Paul,

> The draft lists the following transforms based on the AES cipher:
>
> AES-GCM
> AES-CCM
> AES-CTR
> AES-128-CBC
> AES-GMAC
> AES-XCBC-MAC-96
>
> All these transforms, except for AES-XCBC-MAC-96,
> allow use with different key lengths - 128, 192 and 256 bits.
> It looks strange to me that, unlike the others, AES-128-CBC
> has the key length explicitly specified in the draft. Why does it differ in
> this respect from the others? What about AES-192-CBC and
> AES-256-CBC - are they also "MUST" or "MAY"? Or even "MUST NOT"? :-)
>
> I think the draft should either:
> - remove explicit key length from AES-128-CBC and make it just AES-CBC
> - add explicit key length to all other AES-based transforms (except for
>   AES-XCBC-MAC-96)
> - leave things as is, but explain why AES-CBC differs in this respect
>   from the others

The next draft changes AES-128-CBC to AES-CBC, and says:

In the following sections, all AES modes are for 128-bit AES. 192-bit AES
MAY be supported for those modes, but the requirements here are for 128-bit AES.

And please, add the same words for 256-bit AES as for 192-bit AES.

Regards,
Valery.

--Paul Hoffman

_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
