Both of them still miss the summary of changes since 4307 and and 7321 sections.
Now when we hopefully have agreed on what changes are going to make, so we might want to add summaries: ---------------------------------------------------------------------- Algorithms mentioned in the RFC4307 were changed as follows: Algorithm In RFC4307 Now --------- ---------- --- ENCR_3DES MUST- MAY ENCR_NULL MUST NOT[errata] - ENCR_AES_CBC SHOULD+ MUST ENCR_AES_CTR SHOULD - PRF_HMAC_MD5 MAY MUST NOT PRF_HMAC_SHA1 MUST MUST- PRF_AES128_XCBC SHOULD+ SHOULD AUTH_HMAC_MD5_96 MAY MUST NOT AUTH_HMAC_SHA1_96 MUST MUST- AUTH_AES_XCBC_96 SHOULD+ SHOULD Group 2 (1024-bit) MUST- SHOULD NOT Group 14 (2048-bit) SHOULD+ MUST ---------------------------------------------------------------------- Algorithms mentioned in the RFC7321 and which were changed, were changed as follows: Algorithm In RFC7321 Now --------- ---------- --- ENCR_AES_GCM_16 SHOULD+ MUST ENCR_AES_CCM_8 MAY SHOULD ENCR_AES_CTR MAY - ENCR_3DES MAY SHOULD NOT AUTH_HMAC_SHA1_96 MUST MUST- AUTH_AES_128_GMAC SHOULD+ MAY AUTH_NONE MAY MUST / MUST NOT ---------------------------------------------------------------------- I think we should add those sections before we go to the IETF LC. Those sections will make it easier for others to see what we did also. Btw, we did change every single requirement from RFC4307... for RFC7321 we did leave some of the requirements intact... -- [email protected] _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
