Valery Smyslov writes: > my comments mostly are addressed, thanks. > The one still unaddressed is a strange comment "?SHOULD" in the last table > (Section 4.2). What does it mean?
I think that is leftover from our internal discussions, i.e. whether we should mark that ecdsa-with-sha512 as SHOULD instead of MAY. I think MAY is fine, so unless people think we should pick that too with SHOULD, I will remove that in next version. I do not think we need to do it now, we can do the WGLC with the draft we have now, and remove it after that. Other thing I want people to think is whether we should say something else about the AES key sizes, i.e. we now say MUST for 128-bit, MAY for 256-bit and "192-bit keys can safely be ignored." One proposal that was done was to change that MUST for 128-bit, SHOULD for 256-bit, and perhaps even SHOULD NOT for 192-bit. -- [email protected] _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
