[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Evaluation: draft-blumenthal-aes-usm - The AES Cipher Algorithm in the SNMP's User-based Security Model
- To: Internet Engineering Steering Group <iesg@ietf.org>
- Subject: Evaluation: draft-blumenthal-aes-usm - The AES Cipher Algorithm in the SNMP's User-based Security Model
- From: IESG Secretary <iesg-secretary@ietf.org>
- Date: Fri, 12 Sep 2003 15:41:00 -0400
--------
Last Call to expire on: 2003-04-25
Please return the full line with your position.
Yes No-Objection Discuss Abstain
Harald Alvestrand [ ] [ ] [ ] [ ]
Steve Bellovin [ X ] [ ] [ ] [ ]
Randy Bush [ ] [ ] [ ] [ ]
Bill Fenner [ ] [ ] [ ] [ ]
Ned Freed [ ] [ ] [ ] [ ]
Ted Hardie [ ] [ ] [ ] [ ]
Russ Housley [ ] [ ] [ ] [ ]
Allison Mankin [ ] [ ] [ ] [ ]
Thomas Narten [ ] [ ] [ ] [ ]
Jon Peterson [ ] [ ] [ ] [ ]
Margaret Wasserman [ ] [ ] [ ] [ ]
Bert Wijnen [ ] [ ] [ ] [ ]
Alex Zinin [ ] [ ] [ ] [ ]
2/3 (9) Yes or No-Objection opinions needed to pass.
DISCUSSES AND COMMENTS:
======================
^L
---- following is a DRAFT of message to be sent AFTER approval ---
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce:;
Cc: Internet Architecture Board <iab@iab.org>,
RFC Editor <rfc-editor@rfc-editor.org>
Subject: Protocol Action: 'The AES Cipher Algorithm in the SNMP's
User-based Security Model' to Proposed Standard
The IESG has approved following document:
- 'The AES Cipher Algorithm in the SNMP's User-based Security Model'
<draft-blumenthal-aes-usm-06.txt> as a Proposed Standard
This document has been reviewed in the IETF but is not the product of an IETF Working Group.
The IESG contact person is Steve Bellovin.
Technical Summary
The current SNMPv3 specifications describe use of DES for security. DES is not secure; it has been deprecated and replaced by AES. This document describes how to use AES with SNMPv3.
Working Group Summary
One obvious way to use AES would be to simply replace "DES" with "AES" and "8" (the block size) with "16". But that would expand the packet even more. This protocol uses CFB mode instead of CBC mode, to prevent packet expansion.
Protocol Quality
This protocol was reviewed for the IESG by Steve Bellovin and Bert Wijnen.