Thanks for that, it certainly explains a bit. Can I suggest that in the re-write these considerations are made more explicit.
Richard. Jari Arkko wrote: > > I agree with the comments. That section needs a rewrite. A couple > of points I wanted to raise, however: > > - In this document, we want to describe the situation as it is in > the other RFCs. For instance, if the IPsec RFCs say you must > support AH and ESP then we say it here too. If the situation > changes in the future then we we will be updating this spec. > > - The same applies to algorithms as well. Someone complained about > the many algorithms. Some algorithms (DES, MD5, SHA1) are mandated > by the RFCs. However, in this case we have a serious problem in > the sense that the IPsec RFCs are from some other millenium and > the encryption algorithm choices are considered bad by the IPsec > WG and others. I'm personally NOT going to feel very good about accepting > a document that says you MUST use DES without even mentioning > that its actually a bad choice. One should consider 3DES > or AES instead. So I think we need to state something about > those algorithms too. I wish the IPsec WG completed the AES > spec (not sure about current status) so we could at least > forget 3DES. > > In conclusion its not very easy to get rid of the long list > of algorithms. > > Jari -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
