Re: [IPsec] [ipsecme] #115: Camellia req levels for IKEv2
"Frankel, Sheila E." <sheila.frankel@nist.gov> Tue, 27 October 2009 15:54 UTC
Return-Path: <sheila.frankel@nist.gov>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6409E28C1A7 for <ipsec@core3.amsl.com>; Tue, 27 Oct 2009 08:54:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.475
X-Spam-Level:
X-Spam-Status: No, score=-6.475 tagged_above=-999 required=5 tests=[AWL=0.124, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A-qV5-ohI+Rr for <ipsec@core3.amsl.com>; Tue, 27 Oct 2009 08:54:43 -0700 (PDT)
Received: from smtp.nist.gov (rimp2.nist.gov [129.6.16.227]) by core3.amsl.com (Postfix) with ESMTP id 517733A6851 for <ipsec@ietf.org>; Tue, 27 Oct 2009 08:54:43 -0700 (PDT)
Received: from WSXGHUB1.xchange.nist.gov (wsxghub1.nist.gov [129.6.18.96]) by smtp.nist.gov (8.13.1/8.13.1) with ESMTP id n9RFna1A029413; Tue, 27 Oct 2009 11:49:36 -0400
Received: from MBCLUSTER.xchange.nist.gov ([fe80::d479:3188:aec0:cb66]) by WSXGHUB1.xchange.nist.gov ([2002:8106:1260::8106:1260]) with mapi; Tue, 27 Oct 2009 11:49:36 -0400
From: "Frankel, Sheila E." <sheila.frankel@nist.gov>
To: "ipsec@ietf.org" <ipsec@ietf.org>
Date: Tue, 27 Oct 2009 11:48:14 -0400
Thread-Topic: [ipsecme] #115: Camellia req levels for IKEv2
Thread-Index: AcpOwQLkzK3hHndfTiuUUrnMhuDXhAIW+HSl
Message-ID: <D7A0423E5E193F40BE6E94126930C4930789878B76@MBCLUSTER.xchange.nist.gov>
References: <063.06d317c6f664560309ce0afcacc220bc@tools.ietf.org>
In-Reply-To: <063.06d317c6f664560309ce0afcacc220bc@tools.ietf.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-NIST-MailScanner: Found to be clean
X-NIST-MailScanner-From: sheila.frankel@nist.gov
Cc: Tero Kivinen <kivinen@iki.fi>, Paul Hoffman <paul.hoffman@vpnc.org>, "suresh.krishnan@ericsson.com" <suresh.krishnan@ericsson.com>
Subject: Re: [IPsec] [ipsecme] #115: Camellia req levels for IKEv2
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Oct 2009 15:54:44 -0000
#115: Camellia req levels for IKEv2 Proposed changes to Roadmap doc: 1) Change IKEv2 requirement level for Camellia-CBC from undefined (no RFC) to optional 2) Add text to Section 5.2.6 (RFC 4312, The Camellia Cipher Algorithm and Its Use with IPsec) Current text: [RFC5529] describes the use of the Camellia block cipher algorithm in conjunction with several different modes of operation. It describes the use of Camellia in Cipher Block Chaining (CBC) mode and Counter (CTR) mode as an encryption algorithm within ESP. It also describes the use of Camellia in Counter with CBC-MAC (CCM) mode as a combined mode algorithm in ESP. This document defines how to use IKEv2 to generate keying material for a Camellia ESP SA; it does not define how to use Camellia within IKEv2 to protect an IKEv2 SA's traffic. Additional text: However, this RFC, in conjunction with IKEv2's generalized description of block mode encryption, provide enough detail to allow the use of Camellia-CBC algorithms within IKEv2. Current text (continued): All three modes can use keys of length 128-bits, 192-bits or 256-bits. [RFC5529] includes IANA values for use in IKEv2 and IPsec-v3. A single IANA value is defined for each Camellia mode, so IKEv2 negotiations need to specify the keysize. ________________________________________ From: ipsecme issue tracker [trac@tools.ietf.org] Sent: Friday, October 16, 2009 8:29 PM To: paul.hoffman@vpnc.org; Frankel, Sheila E. Subject: [ipsecme] #115: Camellia req levels for IKEv2 #115: Camellia req levels for IKEv2 -----------------------------------+---------------------------------------- Reporter: paul.hoffman@… | Owner: sheila.frankel@… Type: defect | Status: new Priority: normal | Milestone: Component: roadmap | Severity: - Keywords: | -----------------------------------+---------------------------------------- Camellia-CBC: covered by generic CBC requirements in RFC4306? Camellia-CTR: needs its own RFC? Camellia-CCM: covered by RFC 5282? -- Ticket URL: <http://trac.tools.ietf.org/wg/ipsecme/trac/ticket/115> ipsecme <http://tools.ietf.org/ipsecme/>
- Re: [IPsec] [ipsecme] #115: Camellia req levels f… Frankel, Sheila E.
- Re: [IPsec] [ipsecme] #115: Camellia req levels f… Tero Kivinen