Re: Continued discussion of RADIUS Crypto-Agility

[Leif Johansson <leifj@it.su.se>]

Dan Harkins wrote:
>   Hello,
>
> On Wed, August 8, 2007 7:22 am, Leif Johansson wrote:
> [snip]
>   
>> There are two fundamental ways to address this problem: reference
>> some work or roll your own. Radius+DTLS and RadSec fall into the
>> first category, keywrap falls into the second category.
>>     
>
>   I have to disagree. Keywrap is not "roll your own". It uses RFC3394
>   
That is absolutely "roll your own" - RFC3394 is AES which is
crypto not a security protocol. Of course no-one in the IETF
is silly enough not to reference existing crypto :-)


    Cheers Leif


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>