On Tue, 4 Jan 2022, Dan Harkins wrote:
I agree with Tero here. This "tightening" is not necessary. There's no
security
benefit by disallowing the RFC 7296 RECOMMENDED method of treating AEAD
ciphers.
The only thing this will do is require pointless changes to existing RFC 7296
compliant impl
Hello,
I agree with Tero here. This "tightening" is not necessary. There's
no security
benefit by disallowing the RFC 7296 RECOMMENDED method of treating AEAD
ciphers.
The only thing this will do is require pointless changes to existing RFC
7296
compliant implementations.
regards,
Resend with corrected email alias
Adrian
RFC ISE (Adrian Farrel) wrote:
> Thanks Tero, much appreciated.
>
> I will discuss this with the authors.
>
> It is sometimes the case that this type of document (i.e. an NSA profile),
> tightens the 2119 language from the referenced RFCs or removes option
Thanks Tero, much appreciated.
I will discuss this with the authors.
It is sometimes the case that this type of document (i.e. an NSA profile),
tightens the 2119 language from the referenced RFCs or removes options.
The argument in the past has been that, while the base spec gives some
degree of
While doing IANA expert review on the document I found some issues
with this document, so here are my comments to it.
In section 5 there is text which says:
In particular, since AES-GCM is an AEAD
algorithm, ESP implementing AES-GCM MUST indicate the integrity
algorithm NONE. [RFC7