The IESG has approved the following document: - 'Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH)' (draft-ietf-ipsecme-esp-ah-reqts-10.txt) as Proposed Standard This document is the product of the IP Security Maintenance and Extensions Working Group. The IESG contact persons are Kathleen Moriarty and Stephen Farrell. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-ipsecme-esp-ah-reqts/ Technical Summary This document replaces RFC 4835 in specifying requirement levels for various cryptographic algorithms in the ESP and AH protocols. In the 7 years since that older RFC was published, the security of some algorithms diminished, while other, more secure algorithms were published and widely implemented. This information is essential for interoperable implementation of the protocols, and so the document is intended to be a Proposed Standard. Working Group Summary There was lively WG discussion around the specific algorithms and requirement levels, but no major objections. There was wide consensus that the document should be published. Document Quality Are there existing implementations of the protocol? Yes, numerous. This draft sets new new requirements for ESP and AH, motivating vendors to implement against the new recommendations. Personnel Yaron Sheffer (IPsecME WG co-chair) is the document shepherd and Kathleen Moriarty is the responsible AD.
