Hi John, I am referring to the thread and subsequent mails to: http://130.230.52.14/list-archive/ipsec/msg05573.html
That said regarding algorithms supported, should we just refer to the RFC's or should we state each of them explicitly. What if the status of algorithm's change (due to some vulnerability found)? Thanks, Vishwas -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, January 09, 2006 1:48 PM To: Vishwas Manral; [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [email protected]; [EMAIL PROTECTED] Subject: RE: draft-ietf-ipv6-node-requirements-11.txt Vishwas, >I see a few more inconsistencies regarding the same RFC: > > Since ESP encryption and authentication are both optional, support > for the NULL encryption algorithm [RFC-2410] and the NULL > authentication algorithm [RFC-2406] MUST be provided to maintain > consistency with the way these services are negotiated. > > >From RFC4301 > - confidentiality-only (MAY be supported) > - integrity only (MUST be supported) > - confidentiality and integrity (MUST be supported) > >I think only encryption is now optional in RFC4301. We do not >necessarily need to allow NULL authentication either. Actually >this is still a problem with RFC4305 and it was not updated >because the issue was found late in the RFC process. What was the issue found late with RFC4305? John -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
