IETF Logo Mail Archive

Re: [OPSEC] minutes part 2

"Vishwas Manral" <vishwas.ietf@gmail.com> Mon, 29 December 2008 22:40 UTC

Return-Path: <opsec-bounces@ietf.org>
X-Original-To: opsec-archive@optimus.ietf.org
Delivered-To: ietfarch-opsec-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A53A53A6942; Mon, 29 Dec 2008 14:40:16 -0800 (PST)
X-Original-To: opsec@core3.amsl.com
Delivered-To: opsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BD5943A68BA for <opsec@core3.amsl.com>; Mon, 29 Dec 2008 14:40:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZgFhh18v7Ync for <opsec@core3.amsl.com>; Mon, 29 Dec 2008 14:40:15 -0800 (PST)
Received: from mail-bw0-f21.google.com (mail-bw0-f21.google.com [209.85.218.21]) by core3.amsl.com (Postfix) with ESMTP id 749C33A6942 for <opsec@ietf.org>; Mon, 29 Dec 2008 14:40:14 -0800 (PST)
Received: by bwz14 with SMTP id 14so16729144bwz.13 for <opsec@ietf.org>; Mon, 29 Dec 2008 14:40:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=27Qnn17G5ozzyXmOF8L/Knx2Jq6PFPgn82hFVubp2ew=; b=MBFEi23hxVPwWgDUQmmb+dedQoy2OMYo/FfIuOsNzlLFO2VIlINunmUngkesyRem/U Nc4Cb8LX5+qGQRyhfj8oimKLEO13oiSik4VK/UMDnYd9y56goxFvlFxcORb+WEwSlENz eFnQE55PxLxGNiCbr/4jKGKcku6lwS11f5pfk=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=qI6MiQTHjKcQ8UBpU5bAnsvH1JmZGwtFT+T0YH61h9kCdSdjQzcINvexvflP/C9PQb bPsLyACXFJst6EwvzFUThLLrYw/+11T943BSxxFIr2Dw5GG9IF7HwAH/CDA/h+apTTCM U40H3ORGI2QZGIi4pYZ3wG/f+ZYNF7zGuqe/U=
Received: by 10.181.146.11 with SMTP id y11mr5380612bkn.5.1230590402466; Mon, 29 Dec 2008 14:40:02 -0800 (PST)
Received: by 10.180.209.3 with HTTP; Mon, 29 Dec 2008 14:40:02 -0800 (PST)
Message-ID: <77ead0ec0812291440v707b96aaj178a5cb311faa6f5@mail.gmail.com>
Date: Mon, 29 Dec 2008 14:40:02 -0800
From: Vishwas Manral <vishwas.ietf@gmail.com>
To: R Atkinson <ran.atkinson@gmail.com>
In-Reply-To: <A7576232-5353-42D7-A956-B78C835C1969@gmail.com>
MIME-Version: 1.0
Content-Disposition: inline
References: <EC3F7E1D-F7C8-484A-A0C0-1A25E79AD86E@extremenetworks.com> <1D5F3F5F-4357-4E25-BEDE-35300949EDB8@gmail.com> <77ead0ec0812231006u55443dacn1731f51a8e922b62@mail.gmail.com> <8CA72870-DEB9-4979-8478-ED5467AF3DD3@gmail.com> <77ead0ec0812231556t73e24f17m9d52862672b22dc5@mail.gmail.com> <4070E95B-4E30-4B1F-90F1-B20F67EDEDFF@gmail.com> <77ead0ec0812291316h75c87da3i190cb23996e09a10@mail.gmail.com> <104A40DD-D2FB-48F2-A5D2-28C0E4ADA663@gmail.com> <77ead0ec0812291400g5819c929y718683de7fa3ed45@mail.gmail.com> <A7576232-5353-42D7-A956-B78C835C1969@gmail.com>
Cc: opsec@ietf.org
Subject: Re: [OPSEC] minutes part 2
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/opsec>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: opsec-bounces@ietf.org
Errors-To: opsec-bounces@ietf.org

Hi Ran,

I am sorry if you are finding issues with my language.

>> I agree AES took about 9 years to be mandated in
>> say the IPsec RFC (so a bit lesser than 10 years).
>
> You must have misread my note.  AES-CBC for IPsec shipped
> in about 12 months, not 9 years.  AES-CBC for ESP shipped
> well before the RFC was published, as I recall.
>
> Oh, and NIST selecting AES took about 4 years (URL below
> says 1997 to 2000/2001).
>
> NIST's web page also says they expect to announce a new
> hash function in 2012 (URL below).  Four years is somewhat
> less than half of "10 years" from now.
This is great. Yes announcing an algorithm and actually seeing it in
the field is different. I have given you a quote from folks in NIST
itself (which does not talk about announcement of the chosen algorithm
but about actually finding the algorithms in the field). May be there
was some gap in the language again.

I have not imagined/ concoted the time lines myself. It however is
again based on a particular opinion and may not necessarily be
correct.

Regarding the cryptographic algorithms, I think we need to look at the
issue at a bigger level than just this list. Thanks for raising the
issues.

Thanks again,
Vishwas

>
>
> NIST Hash Timeline (includes AES timeline also):
>        <http://csrc.nist.gov/groups/ST/hash/timeline.html>
>
_______________________________________________
OPSEC mailing list
OPSEC@ietf.org
https://www.ietf.org/mailman/listinfo/opsec

v2.23.0 | Report a Bug | By Email