Hi Rich,
I strongly disagree with your statement that “this is premature”, and the
slides that you cite do not support that claim. I totally agree with the
points in Kenny’s slides, especially as they pertain to QKD and SDO-shopping,
but they say nothing about improvements to security protocol
Hi Sheila,
Thanks for pointing this out. I agree that the draft needs to be changed
to align with the ESP RFC.
David
On 3/12/13 10:01 AM, "Frankel, Sheila E." wrote:
>Hi David and Wajdi,
>
>Your updated ESP/AH algorithm doc looks great, and is very much needed. I
>just have one comment. You
On 11/8/12 3:26 AM, "Johannes Merkle" wrote:
>Hi Tero,
>
>> Every single option adds complexity, so I do not think we should add
>> more optional things.
>
>Point compression is not the focus of our draft. Given the opposition it
>is facing here, I suggest to wait for further
>replies and if po
Hi Johannes,
On 11/7/12 6:57 AM, "Johannes Merkle" wrote:
>Hi David,
>
>> I strongly encourage you to remove the "Compressed" point format. Doing
>> so will minimize the changes between RFC 5903 and make the draft easier
>>to
>> support, and improve the overall implementation by making it simpl
Hi Michael,
On 11/4/12 10:46 AM, "Michael Richardson" wrote:
>
>What in practice, for an implementer and/or his marketing manager, is
>the difference between "MAY" for algorithm and not listing it at all?
>
>I would understand if we had "MAY+", but really, that is what "SHOULD"
>means.
>
>Could
WG level. I hope that IPsec ME can move forward
with updated algorithm guidance without waiting for the selection of an
alternate, which could be a protracted process. Also I notice that for
ESP we will need to recommend a mode of operation as well.
Thanks,
David
>
>Yoav
>
>On Nov
Hi Johannes,
Some quick comments:
I strongly encourage you to remove the "Compressed" point format. Doing
so will minimize the changes between RFC 5903 and make the draft easier to
support, and improve the overall implementation by making it simpler.
Also, it is not clear that there is any advan
Thanks Yaron, Paul, David, Yoav, and Scott for your input on the draft and
the issues it addresses.
The main concern so far has been the TDES-CBC encryption guidance. I was
unable to find a reference that gives a good treatment of attacks on
64-bit block ciphers used at and beyond the birthday bo
On 10/22/12 8:32 PM, "Paul Hoffman" wrote:
>On Oct 22, 2012, at 4:55 PM, David McGrew (mcgrew)
>wrote:
>
>> One thing that deserves to be on the agenda is a discussion of the need
>>to
>> update the ESP and AH crypto requirements, which have not been
Hi Paul,
One thing that deserves to be on the agenda is a discussion of the need to
update the ESP and AH crypto requirements, which have not been updated
since 2007, and to provide guidance on how to use ESP and AH to achieve
security goals. I have a draft proposing what that could look like,
d
Hi Yaron,
On 7/24/12 12:08 PM, "Yaron Sheffer" wrote:
>Hi,
>recent discussion on the list has indicated that there is some interest
>in better supporting ECDSA certificates in IKEv2, and that the existing
>solutions are not very extensible. The discussion was very useful in
>outlining the existi
Hi Johannes,
On 7/3/12 11:59 AM, "Johannes Merkle" wrote:
>Hi,
>
>in RFC 5639, we have specified a new set of elliptic curve parameters for
>use in cryptographic applications. Meanwhile,
>support for these "Brainpool Curves" has been included in some crypto
>libraries as openssl (recently) and c
12 matches
Mail list logo