[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AES cipher suites

Scott G. Kelly wrote:
Well, maybe I'm misunderstanding, but I have the impression that the
general thrust of this thread has been to *replace* AES-CBC with
AES-CTR. There is currently an AES-CBC document in the IESG's doc queue
that is a product of this wg, and based on that doc, hardware has been
released and products have been shipped. That means that if we toss it
out now, lots of time and money has been wasted. I hope that I really
have misunderstood.

I think you misunderstand the IETF standardization process.
I thought the way it worked is that if you ship a product based upon just an I-D you are taking a big gamble. Even after DRAFT Standard things could change if there's a big problem.

This should be a motivation for IETF working groups to test interoperability and standardize *quickly*. Yes, the RFC standardization process has long hold times in it, to give time for feedback. But this should level the playing field.