IETF-SSH archive


Re: [Fwd: [Russ Housley] DISCUSS: draft-ietf-secsh-newmodes-05]



>> I don't think we actually need any of the modes described in
>> newmodes to be REQUIRED.  [...]
> I believe the goal is "if you support 'newmodes' you must support
> aes128-ctr" so that two implementations which claim to support
> "newmodes" will not fail to interoperate because one only supports
> 3des-ctr and the other only supports aes128-ctr.

I don't see that as an especially useful property, because I don't
think "supports `newmodes'" is a useful thing.  "Supports aes128-ctr
from `newmodes'", or "rekeys as recommended by `newmodes'", or the
like, those could be useful, but newmodes qua newmodes isn't so much a
thing to be supported (or not) as a convenient umbrella under which to
collect a bunch of individual things to be supported (or not).

I'm in favour of the "no REQUIRED items" position.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse%rodents.montreal.qc.ca@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B


