Hi Paul, I think it is a good idea to have some indication in IANA about the current status of the algorithm, similar to recent changes in the TLS registry (and in fact I initiated this discussion in Bangkok).
> > I think we need an RFC to at least categorize the algorithms, unless we > > want the IANA registry to have stuff > like “SHOULD-“ and “MAY+: > > We only need to add the SHOULD NOT and MUST NOT's and possibly some > MAY's that are deemed otherwise ancient and deprecated (eg CAST) > > Anything with a + would surely not be deprecated as it is still climbing > up. Anything with a - is still in use and we cannot deprecate it yet. Well, I think it's a bit too complex for random implementer. I'd prefer to classify all algorithms as follows: 1. Secure, required for interoperability 2. Secure, not required for interoperability 3. Insecure (obsoleted) Regards, Valery. > Paul > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec