Main Archive Page > Month Archives  > ipsec archives

Re: [IPsec] [ipsecme] #115: Camellia req levels for IKEv2

From: Frankel, Sheila E. <sheila.frankel_at_nospam>
Date: Tue Oct 27 2009 - 15:48:14 GMT
To: "ipsec@ietf.org" <ipsec@ietf.org>

#115: Camellia req levels for IKEv2

Proposed changes to Roadmap doc:

1. Change IKEv2 requirement level for Camellia-CBC from undefined (no RFC) to optional
2. Add text to Section 5.2.6 (RFC 4312, The Camellia Cipher Algorithm and Its Use with IPsec)

Current text:

   [RFC5529] describes the use of the Camellia block cipher algorithm in    conjunction with several different modes of operation. It describes    the use of Camellia in Cipher Block Chaining (CBC) mode and Counter    (CTR) mode as an encryption algorithm within ESP. It also describes    the use of Camellia in Counter with CBC-MAC (CCM) mode as a combined    mode algorithm in ESP. This document defines how to use IKEv2 to    generate keying material for a Camellia ESP SA; it does not define    how to use Camellia within IKEv2 to protect an IKEv2 SA's traffic.

Additional text:

   However, this RFC, in conjunction with IKEv2's generalized description    of block mode encryption, provide enough detail to allow the use of    Camellia-CBC algorithms within IKEv2.

Current text (continued):

   All three modes can use keys of length 128-bits, 192-bits or    256-bits. [RFC5529] includes IANA values for use in IKEv2 and    IPsec-v3. A single IANA value is defined for each Camellia mode, so    IKEv2 negotiations need to specify the keysize.

---

From: ipsecme issue tracker [trac@tools.ietf.org] Sent: Friday, October 16, 2009 8:29 PM
To: paul.hoffman@vpnc.org; Frankel, Sheila E. Subject: [ipsecme] #115: Camellia req levels for IKEv2

#115: Camellia req levels for IKEv2
-----------------------------------+---------------------------------------- Reporter: paul.hoffman@… | Owner: sheila.frankel@… Type: defect | Status: new Priority: normal | Milestone: Component: roadmap | Severity: - Keywords: | -----------------------------------+---------------------------------------- Camellia-CBC: covered by generic CBC requirements in RFC4306?  Camellia-CTR: needs its own RFC?
 Camellia-CCM: covered by RFC 5282? -- Ticket URL: <http://trac.tools.ietf.org/wg/ipsecme/trac/ticket/115> ipsecme <http://tools.ietf.org/ipsecme/> _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec

• This message: [ Message body ]
• Next message: Scott C Moonen: "Re: [IPsec] [ipsecme] #112: Truncation of SHA-1 ICVs"
• Previous message: Frankel, Sheila E.: "Re: [IPsec] [ipsecme] #114: Expired drafts, especially BEET"
• Next in thread: Tero Kivinen: "Re: [IPsec] [ipsecme] #115: Camellia req levels for IKEv2"
• Reply: Tero Kivinen: "Re: [IPsec] [ipsecme] #115: Camellia req levels for IKEv2"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]