[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: RADEXT WG re-charter
That's the part I still don't understand. The only "consideration" I've
heard so far is that "NIST hasn't blessed it", which is political and not
At IETF 71, the technical discussion brought up the following points:
a. The integrity protection for keywrap is considerably *weaker* (e.g. 64
than for standard MIC algorithms.
b. Encryption algorithms for keywrap cannot be securely used to do bulk
of data, but algorithms that can do bulk encryption can securely be used to
c. Existing IETF standards (such as Diameter EAP, RFC 4702) use TLS to
There are no known security issues relating to this.
As far as the "politics" goes, at various points during this discussion,
have been made with respect to NIST's position. However, when
NIST was contacted to verify those assertions, they indicated that the
either did not represent the official position of NIST, or that NIST had not
taken a position.
Given this, I would suggest that assertions made about NIST positions should
be ruled out of scope, unless they come directly from representatives of
to unsubscribe send a message to firstname.lastname@example.org with
the word 'unsubscribe' in a single line as the message text body.