<chair hat on> On 12 Oct 2015, at 6:50, Tero Kivinen wrote:
I think AES-CCM is useful to have as SHOULD, as it is useful in certain environments, but I do not want to mark it as MUST, as it is not used in other environments. On the other hand I assume that in practice those IoT implementations are going to ignore this completely, and only implement the ciphers they use, and they will not be implementing all mandatory to implement ciphers, as they do not have space for them.
This is a reasonable observation about deployment of IPsec. In the pre-IoT past, we have had the same discussion, with some developers saying "I am supposed to write a system for a particular customer who has a particular set of algorithms that they have chosen for their application; why should that be considered out of compliance with the IETF?"
Thus, the WG needs to decide the desired scope of the requirements for this document are and put them into the document. Without that, we can endlessly debate about particular choices for "MUST" and even "SHOULD".
--Paul Hoffman _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
