RE: [Ipsec] Important changes in draft-hoffman-rfc3664bis; please review

Pasi.Eronen@nokia.com Wed, 12 October 2005 13:08 UTC

Earlier today I wrote:

>   "The only algorithms defined in this document that accept
>   attributes are the AES based encryption, integrity, and
>   pseudo-random functions, which require a single attribute
>   specifying key width."
>
> Only ENCR_AES_CBC and ENCR_AES_CTR accept different key lengths; 
> and since there's no specified default key length, the key length
> attribute MUST be included.

...except that RFC3602 actually does include a sentence saying 
"The default key size is 128 bits". However, it later talks about
negotiating this in IKEv1:

   Since the AES allows variable key lengths, the Key Length attribute
   MUST be specified in both a Phase 1 exchange [IKE] and a Phase 2
   exchange [DOI].

And since the IKEv2 draft also uses the word "require", I think the 
default value mentioned in RFC3602 was intended as a configuration
hint, and does not imply that sending the Key Length attribute
would be optional. 

(More stuff for the IKEv2 clarifications draft, it seems :-)

Best regards,
Pasi
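
The rule argued in the message above (an AES transform is only complete when it carries a Key Length attribute, since no default can be assumed), as an added Python example that is not part of the original post. It assumes the IKEv2 registry codes ENCR_3DES=3, ENCR_AES_CBC=12, ENCR_AES_CTR=13 and Key Length attribute type 14; the sample transforms are constructed with the helper at the end.

```python
import struct

# IKEv2 transform-type, transform-ID and attribute codes (assumed from the IKEv2 registry)
TRANSFORM_TYPE_ENCR = 1
ENCR_3DES = 3
ENCR_AES_CBC = 12
ENCR_AES_CTR = 13
ATTR_KEY_LENGTH = 14
VARIABLE_KEY_LENGTH_IDS = {ENCR_AES_CBC, ENCR_AES_CTR}   # the only ENCR IDs taking attributes
AES_KEY_LENGTHS = {128, 192, 256}


def parse_transform(buf):
    """Parse one IKEv2 Transform substructure: 8-byte header followed by attributes."""
    _last, _res, length, ttype, _res2, tid = struct.unpack_from("!BBHBBH", buf, 0)
    if length < 8 or length > len(buf):
        raise ValueError("bad transform length")
    attrs, off = {}, 8
    while off < length:
        af_type, val = struct.unpack_from("!HH", buf, off)
        af, atype = af_type >> 15, af_type & 0x7FFF
        if af:                                  # TV format: 2-byte value follows the type
            attrs[atype] = val
            off += 4
        else:                                   # TLV format: 2-byte length, then value bytes
            attrs[atype] = bytes(buf[off + 4:off + 4 + val])
            off += 4 + val
    if off != length:
        raise ValueError("attributes overrun transform")
    return {"type": ttype, "id": tid, "attrs": attrs}


def check_key_length(tr):
    """Return None if the ENCR transform is acceptable, otherwise a rejection reason."""
    if tr["type"] != TRANSFORM_TYPE_ENCR:
        return None
    keylen = tr["attrs"].get(ATTR_KEY_LENGTH)
    if tr["id"] in VARIABLE_KEY_LENGTH_IDS:
        if keylen is None:                      # no default key size: the attribute is mandatory
            return "Key Length attribute missing (no default applies)"
        if keylen not in AES_KEY_LENGTHS:
            return "unsupported AES key length %d" % keylen
    elif keylen is not None:                    # fixed-length ciphers do not accept attributes
        return "Key Length attribute not allowed for fixed-length cipher"
    return None


def build_transform(tid, keylen=None, last=True):
    """Constructed ENCR transform for testing; keylen adds a TV-format Key Length attribute."""
    attrs = struct.pack("!HH", 0x8000 | ATTR_KEY_LENGTH, keylen) if keylen is not None else b""
    hdr = struct.pack("!BBHBBH", 0 if last else 3, 0, 8 + len(attrs), TRANSFORM_TYPE_ENCR, 0, tid)
    return hdr + attrs
```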
