IETF-SSH archive

Re: Your DISCUSS on draft-ietf-secsh-newmodes-05


On Wednesday, September 07, 2005 08:57:20 AM +0200 Jon Bright <jon%siliconcircus.com@localhost> wrote:

> Bill Sommerfeld wrote:
>
>> Anyone with an opinion on this topic who has *not* yet spoken up should
>> do so sooner rather than later.  Please keep Russ CC:ed in this
>> discussion.
>
> Having read various other comments and thought about it a bit, my
> favoured solution is to REQUIRE 3des-ctr if *any* of the newmodes ciphers
> are implemented.

Why? What security or interoperability purpose would be served by such a requirement?


> Additionally, would a conditional REQUIRE be possible
> for aes128-ctr?  Something along the lines of "we'd really, really like
> you to implement this, but we recognize that not everyone's hardware is
> going to be big enough to squeeze in both 3des and aes implementations".

That's what SHOULD means.



I really see no benefit to a requirement in which, if a particular algorithm is supported, then some other alternative algorithm must also be supported. I will note that RFC2119 says:

  Imperatives of the type defined in this memo must be used with care
  and sparingly.  In particular, they MUST only be used where it is
  actually required for interoperation or to limit behavior which has
  potential for causing harm (e.g., limiting retransmissions)  For
  example, they must not be used to try to impose a particular method
  on implementors where the method is not required for
  interoperability.

So, please, show me either an interoperability need that is served or a potential for causing harm that is limited by making one encryption algorithm a prerequisite for another.

Alternately, I'd like to echo der Mouse's question -- what does it mean to "implement newmodes" ?
