> On 3 Nov 2015, at 9:42 AM, Tero Kivinen <[email protected]> wrote: > > John Mattsson writes: >> - BTW, What does it mean that an algorithm like ENCR_RC5 is not >> listed, does that mean “MAY”, “MUST NOT”, or “totally unspecified”? > > It means this document does not specify whether they should be used or > not, i.e. MAY.
To elaborate a bit: there are a whole bunch of algorithms in each category, and we didn’t want to grab the entire table from IANA. The document lists the MUSTs and SHOULDs. That is the purpose of the document. Other algorithms are mentioned only if they’re ones that have previously been widely implemented and widely deployed, and that we believe it is time for them to no longer be so widely deployed. That is why DES, 3DES, MD5 and Group 2 get special mention. RC5 has never been very popular in IPSec, and the same can be said for Blowfish, Tiger, KPDK_MD5, and brainpoolP512r1. So we don’t mention those. Yoav _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
