At 2:33 PM -0700 7/3/03, Bill Fenner wrote:
This works for me. It is certainly more accurate than "DES". Spelling it as "TripleDES" is also fine; both seem to be in common use in the non-security world.Alternately, use the well-known acronym for triple-DES: Triple-Data Encryption Standard (3DES) I agree that "Triple-Data Encryption Standard (DES)" makes it look like "DES" is an abbreviation for "Triple-Data Encryption Standard".
(As a non-security person, I can't expand AES but I know it's an encryption protocol. I can't expand SHA but I know it's a hash algorithm. I just looked up AES, and I don't think I would recognize "Advanced Encryption Standard" as the encryption algorithm that NIST chose om in 2002. My opinion is that acronyms like DES, AES, SHA, MD5 are appropriate in RFC titles, as expanding them does not necessarily make things more clear, even (perhaps especially) to people who aren't experts in the field.)
Agree. --Paul Hoffman, Director --VPN Consortium