On Wed, 11 May 2016, Dang, Quynh (Fed) wrote:
We should explain that current MTI group is the group 2.
But it is not? The only MUST entry for Type 4 is Group 14 (modp2048) Group 2 is SHOULD NOT.
However, users shall not use that group and the group. We should create a similar statement for SHA1 in signatures.
What users should or should not do and what implementations offer as default or not are out of scope for this document as explained in: https://tools.ietf.org/html/draft-ietf-ipsecme-rfc4307bis-07#section-1.3 The recommendations of this document mostly target IKEv2 implementers as implementations need to meet both high security expectations as well as high interoperability between various vendors and with different versions. Interoperability requires a smooth move to more secure cipher suites. This may differ from a user point of view that may deploy and configure IKEv2 with only the safest cipher suite. On the other hand, comments and recommendations from this document are also expected to be useful for such users. In other words, the document sets the lowest acceptable bar. An implementation only implementing MUST algorithms is obviously more secure than an implementation that implements SHUOLD NOT algorithms. Paul _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
