[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AES cipher suites

To: "Scott G. Kelly" <scott@xxxxxxxxxxxxxxxxxx>
Subject: Re: AES cipher suites
From: David Waitzman <djw@xxxxxxx>
Date: Mon, 13 Jan 2003 23:05:05 -0500
Cc: ipsec@xxxxxxxxxxxxxxxxx
In-reply-to: <>
References: <> <> <> <>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; NetBSD i386; en-US; rv:1.2.1) Gecko/20030106

Scott G. Kelly wrote:

Well, maybe I'm misunderstanding, but I have the impression that the
general thrust of this thread has been to *replace* AES-CBC with
AES-CTR. There is currently an AES-CBC document in the IESG's doc queue
that is a product of this wg, and based on that doc, hardware has been
released and products have been shipped. That means that if we toss it
out now, lots of time and money has been wasted. I hope that I really
have misunderstood.

I think you misunderstand the IETF standardization process. I thought the way it worked is that if you ship a product based upon just an I-D you are taking a big gamble. Even after DRAFT Standard things could change if there's a big problem.

This should be a motivation for IETF working groups to test interoperability and standardize *quickly*. Yes, the RFC standardization process has long hold times in it, to give time for feedback. But this should level the playing field.

-david

Follow-Ups:
- Re: AES cipher suites
  - From: Scott G. Kelly

References:
- RE: AES cipher suites
  - From: Black_David
- Re: AES cipher suites
  - From: Scott G. Kelly
- Re: AES cipher suites
  - From: David Wagner
- Re: AES cipher suites
  - From: Scott G. Kelly

Prev by Date: More AES suites (was: draft-ietf-ipsec-ikev2-04.txt)
Next by Date: Re: peer address protection and NAT Traversal
Previous by thread: Re: AES cipher suites
Next by thread: Re: AES cipher suites
Index(es):
- Date
- Thread