[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Ipsec] draft-solinas-ui-suites-00.txt
If that were true, than VPN-A and VPN-B would be called VPN-3DES and
These names are not for the "community", they're for people who buy
and install VPN devices. I think only a small fraction of these has
ever heard of Suite B.
On Dec 17, 2006, at 6:59 PM, Paul Hoffman wrote:
At 10:32 AM +0200 12/17/06, Yoav Nir wrote:
I think that in RFC 4308 they intentionally used names that do not
name specific algorithms. This is for having a uniform name across
VPN devices and to allow users with no background in cryptography
(and those who don't read the IPsec list) to configure VPN devices
without confusing terms. That's why the names defined there are
VPN-A and VPN-B.
I suggest that "Suite-B-GCM-128" goes against that. I think
better names would be VPN-C, VPN-D etc.
I disagree here. The names are not important as long as there is no
obvious clash. As the draft shows, the name "Suite B" is already in
widespread use within the community of interest, as well as with
IPsec vendors who want to participate in that community in the future.
If it's really important to include the SuiteB name, I'd still go
with SuiteB-1, SuiteB-2 etc.
I disagree again. It is up to the community to decide how much or
little specificity should be included in the names. When we came up
with VPN-A and VPN-B, that's what the general IPsec population of
the time wanted, although we could have chosen VPN-TripleDES and
VPN-AES12 or somesuch.
--Paul Hoffman, Director
Ipsec mailing list