Sorry, "not an unreasonable desire" On Sun, Nov 12, 2017 at 7:21 AM, Eric Rescorla <e...@rtfm.com> wrote:
> > > On Sun, Nov 12, 2017 at 7:19 AM, Kyle Rose <kr...@krose.org> wrote: > >> On Sun, Nov 12, 2017 at 1:13 PM, Eric Rescorla <e...@rtfm.com> wrote: >> > On Sun, Nov 12, 2017 at 5:08 AM, Black, David <david.bl...@dell.com> >> wrote: >> >> - Encryption: The intent is - don't use anything weaker than AES-128, >> >> e.g., don't even think about using 3DES. The concern is how to write >> that >> >> requirement in a way that would survive hypothetical discovery of a >> >> catastrophic cryptanalytic attack on AES-128. >> > >> > >> > Or even a small one. I mean, what does this say about Curve25519 or 4Q. >> >> I think this is actually the issue driving the vagueness of the >> requirement: e.g., if some hypothetical attack against AES-128 reduced >> security by a few bits. The intent, as David suggests, is to prohibit >> the use of something like DES, not to prohibit a 128-bit cipher with >> only (say) 125 bits of security. >> > > That's not a reasonable desire, but this is an RFC 2119 requirement, so it > really does need to be unambiguous. > > -Ekr > >
_______________________________________________ Tcpinc mailing list Tcpinc@ietf.org https://www.ietf.org/mailman/listinfo/tcpinc
