On Thu, 24 Nov 2022, John Mattsson wrote:
Not too late to change. According to NIST, 2048-bit MODP Group and 224-bit
Random ECP Group are MUST NOT use if the information you
are protecting have a lifetime longer than 8 years (2031 - today). 1024-bit
MODP is two security levels below that. I think IETF in
generally way to slow if deprecating stuff. I would love to see the following
deprecated as well:
1024-bit MODP Group with 160-bit Prime Order Subgroup
1536-bit MODP Group
192-bit Random ECP Group
AUTH_HMAC_SHA1_96
PRF_HMAC_SHA1
With IKEv1 gone, I think we can start an update on 8724/8223 and do
these. As every IKEv2 stack supports SHA2, I think we move SHA1 from
MUST- to MUST NOT (hears Tero screaming in the distance)
Anyway, I don't think this should be done as part of this IKEv1 to historic
document.
Paul
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
