On Wed, 18 Oct 2017, Denis Ovsienko wrote:
Let me suggest a couple documents. RFC 6709 (Design Considerations for Protocol Extensions) Section 4.5 (Cryptographic Agility) recommends having two algorithms of "distinct lineage" for a few reasons it explains. BCP 201 a.k.a. RFC 7696 (Guidelines for Cryptographic Algorithm Agility and Selecting Mandatory-to-Implement Algorithms) Section 3.1 (Picking One True Cipher Suite Can Be Harmful) further justifies the need for more than one algorithm. The document also makes other relevant points. Even if draft-ietf-tcpinc-tcpcrypt has nothing to do with the problems reviewed there (which is not so as far as it seems to me and may seem to other readers), it would help to make references and specifically clarify how the choices relate with the points made in those guidelines.
Let me suggest two other documents dealing with Mandatory To Implement for IKE and ESP/AH as well as another example on how to specify these: https://tools.ietf.org/html/rfc8221 https://tools.ietf.org/html/rfc8247 Paul