[7122] in cryptography@c2.net mail archive
Re: Critics blast Windows 2000's quiet use of DES instead of 3DES
daemon@ATHENA.MIT.EDU (Dennis Glatting)
Thu May 18 14:17:08 2000
Message-ID: <3923844B.D1AEB6EF@software-munitions.com>
Date: Wed, 17 May 2000 22:48:59 -0700
From: Dennis Glatting <dennis.glatting@software-munitions.com>
MIME-Version: 1.0
To: "L. Sassaman" <rabbi@quickie.net>
Cc: John Gilmore <gnu@toad.com>, Declan McCullagh <declan@well.com>,
cryptography@c2.net
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
"L. Sassaman" wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Wed, 17 May 2000, Dennis Glatting wrote:
>
> > > Frankly, I can't understand why the IPsec protocol still allows DES. It
> > > should require strong encryption. Having DES in a product these days makes
> > > about as much sense as mandating the usage of ROT13.
> > >
> >
> > We are waiting for AES.
>
> So am I correct in assuming you are saying that DES will be disallowed as
> part of the IPsec protocol when AES is finalized?
>
> This would be good. I still think that DES should be dropped immediately,
> however.
>
I didn't go to Adelaide, so I am not up on current events. In the two
or three prior IETF IPsec and SAAG meetings there was discussion on
reducing 1DES to a SHOULD or MAY and elevating 3DES to a SHOULD or
MUST for IPsec. Along the way AES started to look like a real
possibility.
Go to http://web.mit.edu/network/ietf/sa/ and check out SAAG 45 and
draft-ietf-saag-aes-ciph-00.txt.
