Re: draft-ietf-ipsec-ciph-des-derived-00
"William Allen Simpson" <wsimpson@greendragon.com> Wed, 23 July 1997 12:14 UTC
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id IAA12504 for ipsec-outgoing; Wed, 23 Jul 1997 08:14:47 -0400 (EDT)
Date: Wed, 23 Jul 1997 11:36:33 +0000
From: William Allen Simpson <wsimpson@greendragon.com>
Message-ID: <6311.wsimpson@greendragon.com>
To: Norman Shulman <norm@tor.securecomputing.com>
Cc: ipsec@tis.com
Subject: Re: draft-ietf-ipsec-ciph-des-derived-00
Sender: owner-ipsec@ex.tis.com
Precedence: bulk
> From: Norman Shulman <norm@tor.securecomputing.com> > Page 4, 4.2, paragraph 2: Suggest adding the following sentence (copied from > 4.3): "Alternatively, the least significant bit of each key byte is ignored, > or locally set to parity by the DES implementation." > No, the purpose of the parity in manual keying is to detect configuration errors. It SHOULD be required. 4.3 is for automated keying. It MAY be required. SHOULD and MAY have very specific meanings. > Page 6, Pad Values, Range: Should be 1 to 255. > No, please read in context. The value is the _configured_ maximum amount of padding to generate and check. Zero (0) means no checking. For DES, when checking is enabled, the required value is 7, generating and checking 0-7 bytes of padding. More than 7 are allowed. Therefore, the configuration range is 7 to 255. This section was designed to complement the text that the WG asked to be added to the ESP draft. I will check the ESP draft to ensure that it includes the necessary explanation. WSimpson@UMich.edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32 BSimpson@MorningStar.com Key fingerprint = 2E 07 23 03 C5 62 70 D3 59 B1 4F 5E 1D C2 C1 A2
- draft-ietf-ipsec-ciph-des-derived-00 Norman Shulman
- Re: draft-ietf-ipsec-ciph-des-derived-00 William Allen Simpson
- Re: draft-ietf-ipsec-ciph-des-derived-00 Norman Shulman