[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipsec
Subject:    Re: ISAKMP/Oakley algorithms
From:       Daniel Harkins <dharkins () cisco ! com>
Date:       1997-01-16 17:24:14
[Download RAW message or body]

> In draft-ietf-ipsec-isakmp-oakley-02.txt it lists encryption and hash
> algorithms that are not listed with draft-ietf-ipsec-doi-02.txt (IDEA,
> Blowfish, Tiger).  Should we try and keep all protocols the same between
> both levels or at least try and include the same commone core
> algorithms.  

Those algorithms are used to protect ISAKMP-ISAKMP communication and are
not bound by the IPsec DOI. Ideally, a draft-ietf-ipsec-isakmp-oakley-02.txt
compatible peer can negotiate more than just IPsec.
  I don't want to remove these algorithms to "keep all protocols the same"
but that goal can also be realized by writing an AH-Tiger-HMAC document,
and an ESP-IDEA-CBC-REPLAY-et-al document, etc. (insert emoticon here).

> Basically, I'd like to see DES3 added to this list as well a reference
> that points to these other les common algorithms.

Applied Cryptography references IDEA and Blowfish. I can add a reference
to Tiger.

  Dan.

-------------------------------------------------------------------------------
Dan Harkins                                |   E-mail:  dharkins@cisco.com
Network Protocol Security, cisco Systems   |   phone:   +1 (408) 526-5905
170 W. Tasman Drive                        |   fax:     +1 (408) 526-4952
San Jose, CA 95134-1706, U.S.A.            |   ICBM:    37.45N, 122.03W
-------------------------------------------------------------------------------
For your safety and the safety of others: concealed carry, and strong crypto
-------------------------------------------------------------------------------

[prev in list] [next in list] [prev in thread] [next in thread]