Re: [IPsec] [ipsecme] #115: Camellia req levels for IKEv2

To: "ipsec at ietf.org" <ipsec at ietf.org>
Subject: Re: [IPsec] [ipsecme] #115: Camellia req levels for IKEv2
From: "Frankel, Sheila E." <sheila.frankel at nist.gov>
Date: Tue, 27 Oct 2009 11:48:14 -0400
Accept-language: en-US
Acceptlanguage: en-US
Cc: Tero Kivinen <kivinen at iki.fi>, Paul Hoffman <paul.hoffman at vpnc.org>, "suresh.krishnan at ericsson.com" <suresh.krishnan at ericsson.com>
Delivered-to: ipsec at core3.amsl.com
In-reply-to: <063.06d317c6f664560309ce0afcacc220bc at tools.ietf.org>
List-archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-help: <mailto:ipsec-request@ietf.org?subject=help>
List-id: Discussion of IPsec protocols <ipsec.ietf.org>
List-post: <mailto:ipsec@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
References: <063.06d317c6f664560309ce0afcacc220bc at tools.ietf.org>
Thread-index: AcpOwQLkzK3hHndfTiuUUrnMhuDXhAIW+HSl
Thread-topic: [ipsecme] #115: Camellia req levels for IKEv2

#115: Camellia req levels for IKEv2

Proposed changes to Roadmap doc:

1) Change IKEv2 requirement level for Camellia-CBC from undefined (no RFC) 
		to optional

2) Add text to Section 5.2.6 (RFC 4312, The Camellia Cipher Algorithm and Its Use with IPsec)

Current text:
   [RFC5529] describes the use of the Camellia block cipher algorithm in
   conjunction with several different modes of operation.  It describes
   the use of Camellia in Cipher Block Chaining (CBC) mode and Counter
   (CTR) mode as an encryption algorithm within ESP.  It also describes
   the use of Camellia in Counter with CBC-MAC (CCM) mode as a combined
   mode algorithm in ESP.  This document defines how to use IKEv2 to
   generate keying material for a Camellia ESP SA; it does not define
   how to use Camellia within IKEv2 to protect an IKEv2 SA's traffic.

Additional text:
   However, this RFC, in conjunction with IKEv2's generalized description 
   of block mode encryption, provide enough detail to allow the use of
   Camellia-CBC algorithms within IKEv2.  

Current text (continued):
   All three modes can use keys of length 128-bits, 192-bits or
   256-bits. [RFC5529] includes IANA values for use in IKEv2 and
   IPsec-v3.  A single IANA value is defined for each Camellia mode, so
   IKEv2 negotiations need to specify the keysize.
________________________________________
From: ipsecme issue tracker [trac at tools.ietf.org]
Sent: Friday, October 16, 2009 8:29 PM
To: paul.hoffman at vpnc.org; Frankel, Sheila E.
Subject: [ipsecme] #115: Camellia req levels for IKEv2

#115: Camellia req levels for IKEv2
-----------------------------------+----------------------------------------
 Reporter:  paul.hoffman at …         |       Owner:  sheila.frankel at …
     Type:  defect                 |      Status:  new
 Priority:  normal                 |   Milestone:
Component:  roadmap                |    Severity:  -
 Keywords:                         |
-----------------------------------+----------------------------------------
 Camellia-CBC: covered by generic CBC requirements in RFC4306?
 Camellia-CTR: needs its own RFC?
 Camellia-CCM: covered by RFC 5282?

--
Ticket URL: <http://trac.tools.ietf.org/wg/ipsecme/trac/ticket/115>
ipsecme <http://tools.ietf.org/ipsecme/>

Follow-Ups:
- Re: [IPsec] [ipsecme] #115: Camellia req levels for IKEv2
  - From: Tero Kivinen

Prev by Date: Re: [IPsec] [ipsecme] #114: Expired drafts, especially BEET
Next by Date: Re: [IPsec] [ipsecme] #112: Truncation of SHA-1 ICVs
Previous by thread: Re: [IPsec] [ipsecme] #114: Expired drafts, especially BEET
Next by thread: Re: [IPsec] [ipsecme] #115: Camellia req levels for IKEv2
Index(es):
- Date
- Thread

Re: [IPsec] [ipsecme] #115: Camellia req levels for IKEv2

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.