IETF Logo Mail Archive

Re: [Ipsec] draft-solinas-ui-suites-00.txt

Yoav Nir <ynir@checkpoint.com> Sun, 17 December 2006 08:32 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GvrRz-0006pQ-0P; Sun, 17 Dec 2006 03:32:51 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GvrRy-0006pK-6D for ipsec@ietf.org; Sun, 17 Dec 2006 03:32:50 -0500
Received: from michael.checkpoint.com ([194.29.32.68]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GvrRw-00045M-Lk for ipsec@ietf.org; Sun, 17 Dec 2006 03:32:50 -0500
Received: from [194.29.46.218] (localhost [127.0.0.1]) by michael.checkpoint.com (8.12.10+Sun/8.12.10) with ESMTP id kBH8Wg66012906; Sun, 17 Dec 2006 10:32:42 +0200 (IST)
In-Reply-To: <7.0.0.16.2.20061208152939.0794cbd8@vigilsec.com>
References: <7.0.0.16.2.20061208152939.0794cbd8@vigilsec.com>
Mime-Version: 1.0 (Apple Message framework v752.3)
Content-Type: text/plain; charset="US-ASCII"; delsp="yes"; format="flowed"
Message-Id: <1479D5BA-A0B1-4321-89E1-92CE778B8D9C@checkpoint.com>
Content-Transfer-Encoding: 7bit
From: Yoav Nir <ynir@checkpoint.com>
Subject: Re: [Ipsec] draft-solinas-ui-suites-00.txt
Date: Sun, 17 Dec 2006 10:32:41 +0200
To: Russ Housley <housley@vigilsec.com>
X-Mailer: Apple Mail (2.752.3)
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 0bc60ec82efc80c84b8d02f4b0e4de22
Cc: ipsec@ietf.org
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IP Security <ipsec.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
Errors-To: ipsec-bounces@ietf.org

I think that in RFC 4308 they intentionally used names that do not  
name specific algorithms. This is for having a uniform name across  
VPN devices and to allow users with no background in cryptography  
(and those who don't read the IPsec list) to configure VPN devices  
without confusing terms.  That's why the names defined there are VPN- 
A and VPN-B.

I suggest that "Suite-B-GCM-128" goes against that.  I think better  
names would be VPN-C, VPN-D etc.

If it's really important to include the SuiteB name, I'd still go  
with SuiteB-1, SuiteB-2 etc.


On Dec 8, 2006, at 10:30 PM, Russ Housley wrote:

> The members of this mail list will probably find this new Internet- 
> Draft interesting.
>
> http://www.ietf.org/internet-drafts/draft-solinas-ui-suites-00.txt
>
>
> _______________________________________________
> Ipsec mailing list
> Ipsec@ietf.org
> https://www1.ietf.org/mailman/listinfo/ipsec
>


_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec

v2.23.0 | Report a Bug | By Email