[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: AES cipher suites
Scott G. Kelly wrote:
Well, maybe I'm misunderstanding, but I have the impression that the
general thrust of this thread has been to *replace* AES-CBC with
AES-CTR. There is currently an AES-CBC document in the IESG's doc queue
that is a product of this wg, and based on that doc, hardware has been
released and products have been shipped. That means that if we toss it
out now, lots of time and money has been wasted. I hope that I really
I think you misunderstand the IETF standardization process.
I thought the way it worked is that if you ship a product based upon just
an I-D you are taking a big gamble. Even after DRAFT Standard things could
change if there's a big problem.
This should be a motivation for IETF working groups to test
interoperability and standardize *quickly*. Yes, the RFC standardization
process has long hold times in it, to give time for feedback. But this
should level the playing field.