RE: MUST implement AES-CBC for IPsec ESP

Russ Housley wrote:
> During the IETF Last Call for draft-manral-ipsec-rfc4305-bis-errata, 
> we received a comment that deserves wide exposure.
> 
> For ESP encryption algorithms, the document that was sent out for Last
> Call contains the following table:
> 
>       Requirement    Encryption Algorithm (notes)
>       -----------    --------------------
>       MUST           NULL (1)
>       MUST-          TripleDES-CBC [RFC2451]
>       SHOULD+        AES-CBC with 128-bit keys [RFC3602]
>       SHOULD         AES-CTR [RFC3686]
>       SHOULD NOT     DES-CBC [RFC2405] (3)
> 
> The Last Call comment suggests changing the "SHOULD+" for AES-CBC to 
> "MUST."
> 
> I support this proposed change, and I have asked the author to make 
> this change in the document that will be submitted to the IESG for 
> consideration on the Telechat on January 25th.  If anyone has an 
> objection to this change, please speak now.  Please send comments on 
> this proposed change to the iesg@xxxxxxxx or ietf@xxxxxxxx mailing 
> lists by 2007-01-24.
> 
> Russ Housley
> Security AD

Strangely missing is AES/GCM [RFC4106].

SHOULDn't this be a SHOULD ?

Y(J)S

_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

