[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [saag] The use of AES-192 and AES-256 in Secure RTP

From: David McGrew <mcgrew at cisco.com>
To: Paul Hoffman <paul.hoffman at vpnc.org>
Cc: saag at mit.edu, ietf-rtpsec at imc.org, AVT <avt at ietf.org>
Date: Mon, 8 May 2006 09:17:54 -0700
In-reply-to: <p06230927c0851c8a006f at [10.20.30.249]>
References: <1F80FC4D-1FD6-4C3E-89E1-B345ED358767 at cisco.com> <p06230927c0851c8a006f at [10.20.30.249]>

Paul,

good points, I'm convinced that it would be better to dump AES-192from the spec.


David

On May 8, 2006, at 9:12 AM, Paul Hoffman wrote:

At 12:15 PM -0700 5/4/06, David McGrew wrote:
The main motivation for AES-192 and AES-256 is to providealternative ciphers to AES-128 that can be adopted in event thatunforeseen advances in cryptanalysis significantly erode thesecurity level of
AES-128.
The downside of proposing multiple alternative ciphers, as comparedto just one, is that it is likely that implementers will not dointerop testing on all of them. It is much better to propose justone fall-back cipher. This is particularly true for AES, as we havediscovered in the VPNC test lab.
For IETF standards where AES-128 is a MUST-level requirement, thereshould be just one fall-back, AES-256, with wording like the "SHOULD+" definitions in RFC 4307.
--Paul Hoffman, Director
--VPN Consortium

References:
- [saag] The use of AES-192 and AES-256 in Secure RTP
  - From: David McGrew
- Re: [saag] The use of AES-192 and AES-256 in Secure RTP
  - From: Paul Hoffman

Prev by Date: Re: [saag] The use of AES-192 and AES-256 in Secure RTP
Next by Date: [saag] Review of OASIS SAML work encouraged
Previous by thread: Re: [saag] The use of AES-192 and AES-256 in Secure RTP
Next by thread: Re: [saag] The use of AES-192 and AES-256 in Secure RTP
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.