> On Nov 30, 2022, at 02:16, Valery Smyslov <[email protected]> wrote: > > Hi Sean, > > [snipped] > >>> I'm not sure the DEs have enough qualification to judge whether the proposed >>> algorithm is good or bad with its cryptographic properties. I believe it is >>> the CFRG's task >>> to bless algorithms and the DEs should only pay attention to is whether >>> the proposed algorithm meets the protocol restrictions (and those are >>> listed in Section 4.1 for the DEs). >> >> Valery you’re not giving yourself and Tero enough credit ;) > > :-) > >> But, you did say exactly what I hoped you >> would say, in that the CFRG is going to evaluate the alg. Note sure if this >> needs to be documented. > > In my opinion it is not needed. While CFRG generally evaluates most of > algorithms > that populate this registry, some of them could be added without this > evaluation. > I mean those algorithm that were specified outside of IETF or published via > ISE > (I'm here speaking as author of RFC 9227 and draft-smyslov-ike2-gost). > > In IPSECME we have RFC 7321 and RFC 8247 that list the currently recommended > algorithms, > and these RFCs are updated from time to time, because even CFRG "blessing" is > not eternal :-)
AH, I’d forgotten about these two! Yep - you convinced me no need to say anything. Cheers, spt _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
