Crypto algorithms for IKEv2

[Paul Hoffman / VPNC <paul.hoffman@vpnc.org>]

Greetings again. At the WG meeting in San Francisco over a month ago, 
the WG agreed that the IKEv2 document should split out the 
cryptographic algorithms into a RFC that can be updated separately 
from the main IKEv2 protocol RFC with which we are almost finished.

I have turned in an Internet Draft on this topic that matches what I 
believe matches the general feeling from the WG based on earlier 
discussion on this mailing list and the lively face-to-face 
discussions in San Francisco. A temporary version of the draft is at 
<http://www.vpnc.org/ietf-ipsec/draft-hoffman-ipsec-algorithms-00-TEMP.txt>; 
as usual, that link will disappear when the draft is officially in 
the Internet Drafts directory.

This document is meant to be a companion to the *next* draft of 
IKEv2. In that draft, Charlie can cleanly excise from his section 
3.3.2 the cryptographic tables labeled "For Transform Type 1", "For 
Transform Type 2", "For Transform Type 3", and "For Transform Type 
4", leaving Transform Type 5, which is not cryptographic. He can also 
remove the MUST, SHOULD, and MAY statements in Appendix B.

The result will be a free-standing document that the IETF can update 
when we want to change the cryptographic requirements for IKEv2. For 
example, there was general agreement in San Francisco that we will 
probably be requiring AES and longer Diffie-Hellman primes in the 
not-distant future, and that fact is reflected in the Internet Draft.

Given that we are trying to finish up IKEv2 in the near future and 
not reopening agreed-to issues, I'm definitely interested to hear if 
anyone thinks that the document has things that the WG didn't agree 
to.

--Paul Hoffman, Director
--VPN Consortium