|Main Archive Page > Month Archives > ipsec archives|
At 2:23 PM +0300 9/17/09, Tero Kivinen wrote:
>When reading the roadmap I noticed that camellia-ctr is also not
>defined for IKEv2 SAs, so I was wondering if the text in this document
>could be made generic enough so any counter mode cipher could be used.
It is not clear to me that future counter modes will fit today's generic definition. I don't think it is bad to require a specific definition for each application of counter mode.
>Other option is of course to include text to ikev2bis which specifies
>how to use counter mode ciphers when protecting IKEv2 SAs.
This seems like overkill and possibly limiting to future applications of counter mode.
--Paul Hoffman, Director