On Mon, 10 Mar 2014, paul_kon...@dell.com wrote:
That’s a good argument for a user choosing to use AES-128 rather than AES-256. But it doesn’t really address why “SHOULD implement” isn’t justified — the implementation cost is trivial and if it isn’t used it has no performance impact.
It's not the implementation cost that matters. It is the GUI confusion. For example, one vendor uses "aes" as aes128, and another vendor uses "aes" for aes256 (or aes_ctr or aes_cbc or aes_gcm). Each option we expose needlessly to the end user is one more potential interop issue.

Paul