[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bad title change on document in the 48-hour queue
In message <200307032133.h63LX5H07260@windsor.research.att.com>, Bill Fenner wr
ites:
>
>Alternately, use the well-known acronym for triple-DES:
>Triple-Data Encryption Standard (3DES)
>
>I agree that "Triple-Data Encryption Standard (DES)" makes it look like
>"DES" is an abbreviation for "Triple-Data Encryption Standard".
>
>(As a non-security person, I can't expand AES but I know it's an
>encryption protocol. I can't expand SHA but I know it's a hash
>algorithm. I just looked up AES, and I don't think I would recognize
>"Advanced Encryption Standard" as the encryption algorithm that NIST
>chose om in 2002. My opinion is that acronyms like DES, AES, SHA, MD5
>are appropriate in RFC titles, as expanding them does not necessarily
>make things more clear, even (perhaps especially) to people who aren't
>experts in the field.)
>
>
I agree, but it's good to hear a non-security person say so.
A better idea might be to add the word "cipher", "hash function", etc.,
after the acronym:
"A Protocol for Cracking the 3DES Cipher"
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com (2nd edition of "Firewalls" book)