Some comments on draft-ietf-ipsecme-rfc4307bis-00

In general, very good and very needed.

- Abstract says: "This document defines the current set of algorithms that are mandatory to implement as part of IKEv2, as well as algorithms that should be implemented because they may be promoted to mandatory at some future time." The introduction also only talks about MTI and believed to be future MTI. ENCR_DES does not fit in either of these categories. I am all for specifying MUST NOT for such algorithms, but the abstract and introduction should be updated.

- BTW, what does it mean that an algorithm like ENCR_RC5 is not listed, does that mean "MAY", "MUST NOT", or "totally unspecified"?

- Section 3.2. says "When an AEAD algorithm (see Section 3.1) is used, no algorithm from this table needs to be used." Shouldn't this be "MUST NOT be used"?

- Section 3.1. I think AES_CCM_8 should somehow be restricted to IoT, as using 64 bit tags in IKE does not sound like general good advice. Also IoT implementations would probably just implement "ENCR_AES_CCM_8", "PRF_HMAC_SHA2_256", and "256-bit random ECP group" and skip everything else. It seems to make more sense to specify an IoT profile in a separate section.

- Section 3.4. The Diffie-Hellman group table diverges heavily from the rest with only 112-bit security as MUST, and no group offering 128-bit security as even SHOULD+. This may be ok, but I think the ipsecme group should try to fulfill general recommendations on security levels (NIST, ECRYPT) and have a plan on how to make 2048-bit MODP a MUST NOT before 2030. Not being able to forbid 1024-bit MODP in this draft is a failure, let's not repeat it.

- At least "AES-XCBC-PRF-128" and "256-bit random ECP group" should have references to point out which of the RFCs are MTI.

Cheers,
John

-------------------------------------
John Mattsson
MSc Engineering Physics, MSc Business Administration and Economics
Ericsson IETF Security Coordinator
Senior Researcher, Security
