|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: Ciphersuites for IKEv2>>>>> "Howard" == Howard C Herbert <Herbert> writes: Howard> Per the admonition in David's email below, I would like to Howard> request that in addition to the following cipher suites Howard> already on the list: Howard> AES-CBC + HMAC-SHA-1 AES-CTR + AES-CBC MAC w/XCBC Howard> that the following additional cipher suites be added: Howard> AES-CBC + AES-CBC-MAC w/XCBC AES-CTR + HMAC-SHA-1 Howard> As noted above, these algorithms will already exist in an Howard> implementation. Not being able to use them in the added Howard> combinations simply because we do not have a ciphersuite Howard> defined for them seems like a real easy thing to fix at this Howard> point. The whole point of cipher suites is NOT to expose the O(2^n) combinations. There may be valid reasons to add suites, but "the components already exist" surely is not a valid reason. paul
Home Last updated: Tue Jan 28 15:19:04 2003 12266 messages in chronological order |