Re: Your DISCUSS on draft-ietf-secsh-newmodes-05

[Bill Sommerfeld <sommerfeld%sun.com@localhost>]

On Fri, 2005-09-09 at 15:28, Sam Hartman wrote:
> >>>>> "Russ" == Russ Housley <housley%vigilsec.com@localhost> writes:
> 
>     Russ> Sam: Yes, I am comfortable with the use of text to say the
>     Russ> same thing.
> 
>     Russ> Russ
> 
> OK.  Bill, do we have a consensus to decide on a direction for what
> cipher we'll make mandatory to implement and to document that decision
> in newmodes?

Yes, it looks that way.

> If so, do we have a consensus yet on what that direction is or do we
> need to have more discussion on that?

I just reviewed this thread and the prior one on the same topic on the
specific question of aes vs 3des.  

By my count, 9 people have expressed an opinion leading one way or the
other; 6 were unambiguously in favor of aes128-ctr; one wants to wait
for hardware counter mode support to materialize but seems to be leaning
towards AES.  One prefers 3des now but expects a migration to aes
later.  One person supported either aes128-ctr or aes256-ctr.

Looks to me like we have rough consensus on aes128-ctr as opposed to
3des-ctr as a "SHOULD+" or "Most likely to replace 3des-cbc but not yet
REQUIRED".

My proposed edit is to extend the paragraph reading:

   The "aes128-ctr" method uses AES (the Advanced Encryption Standard,
   formerly Rijndael) with 128-bit keys [AES].  The block size is 16
   bytes.

with:

   At this time it appears likely that a future revision of this 
   specification will promote aes128-ctr to be REQUIRED; 
   implementation of this algorithm is very strongly encouraged.

							- Bill


						- Bill