[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Last ditch proposal for crypto suites
It was my experience with IKEv1 that the crypto algorithm negotiation was
accomplished by many people with very few errors. This, despite the fact
that the naming and organization of the payloads is rather confusing. (Why
is an SA a list of proposals rather than a proposal being a list of SAs or
[better] a proposal-list being a list of bundles? Why is there two levels of
indirection with the proposal+transform when there could have been only
one?)
I should also point out that 4 of the 9 pages are taken up with DOI-style
lists, such as the following:
For Transform Type 1 (Encryption Algorithm), defined Transform-IDs
are:
Name Number Defined In
RESERVED 0
ENCR_DES_IV64 1 (RFC1827)
ENCR_DES 2 (RFC2405)
ENCR_3DES 3 (RFC2451)
ENCR_RC5 4 (RFC2451)
ENCR_IDEA 5 (RFC2451)
ENCR_CAST 6 (RFC2451)
ENCR_BLOWFISH 7 (RFC2451)
ENCR_3IDEA 8 (RFC2451)
ENCR_DES_IV32 9
ENCR_RC4 10
ENCR_NULL 11 (RFC2410)
ENCR_AES_128 12
values 12-240 are reserved to IANA. Values 241-255 are for
private use among mutually consenting parties.
Does that give you a headache?
Andrew
-------------------------------------------
There are no rules, only regulations. Luckily,
history has shown that with time, hard work,
and lots of love, anyone can be a technocrat.