Hi Tero,
On 2013-11-06 02:23, Tero Kivinen wrote:
While we are working on the ESP, AH, IKEv2, and Architecture
documents, I think we should do also the easy ones:
- RFC2451 "The ESP CBC-Mode Cipher Algorithms"
This is nominally a generic document, but it's really about a list of
specific algorithms, none of which is in wide use today (we are trying
to phase out 3DES and in general 64-bit block algorithms). This document
is not referenced by RFC 4303. So I don't think we should upgrade it.
- RFC3526 "More Modular Exponential (MODP) Diffie-Hellman groups for
Internet Key Exchange"
Yes, probably. Although crypto recommendations are time-dependent, this
RFC describes the actual algorithms and not just their use in IKE.
Do we have enough implementations of EC groups to progress RFC 5903? I
realize that NSA RFCs are not that popular nowadays...
- RFC3948 "UDP Encapsulation of IPsec ESP Packets"
Definitely.
None of them has Errata, and they are all widely used, so we should
just upgrade them on in place (i.e. no need to get new RFC).
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
