On Dec 7, 2016, at 5:00 PM, Timothy Carlin <tjcar...@iol.unh.edu> wrote:
Hello All, I have some comments inline.

On Wed, Dec 7, 2016 at 4:41 PM, Paul Wouters <p...@nohats.ca> wrote:

...

Are people actually deploying this?

The NIST USGv6 Profile currently mandates RFC4552 and as such manual keys.

Yes, that's PRECISELY the issue. Presumably NIST put it into the profile because manual keys are mentioned in the RFC, not realizing how bad an error that is.

...

I agree with the sentiment that Manual Keys should be avoided. However, for the conformance logo documents it would be helpful to have RFC2119 language to point to when setting the requirements for testing.

That is the main reason I argued for MUST NOT.

By way of illustration: in an IPSec-enabled product I work on, we implemented manual keying only to be able to pass the USGv6 tests. The manual states that the feature [sic] exists only for that reason and that manual keys should never be used. When we submitted the product for Common Criteria evaluation, the evaluators told us we needed to strengthen that statement, so it now says that manual keys "exist only because of certification requirements and must never be used".

This is clearly absurd. A feature in a security protocol that has always been known to be a hazard to security needs to be removed. It's been far too long already.

paul
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec