On Thu, 12 May 2016, Dang, Quynh (Fed) wrote:
I like your proposed new text. I also recommend to add something like this: "The group 2 and any other cryptographic algorithms which are expected to provide around 80 bits of security strength are considered insecure mechanisms." Unless we can describe a complete use case, then we could be able to say whether or not the group 2 is acceptable in that case. Without that, we can say either it is secure or not secure, there are nothings in between.
I don't like the "and any other cryptographic algorithms which are expected to provide around 80 bits of security" First, it is not very helpful to people who don't know which algorithms are expected to provide 80 bits of security. And second, I guess the 80 bits is a NIST / USG specific value, not a cryptographic community standard. Paul _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
