ietf-smime
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [smime] deprecate tripleDES?

2015-01-03 09:27:24
from [Paul Hoffman] [Permanent Link] 
On Jan 3, 2015, at 4:32 AM, Michael Ströder <michael(_at_)stroeder(_dot_)com> 
wrote:

Isn't it the time to deprecate using tripleDES and add a stronger SHOULD for
using stronger symmetric ciphers?


Why? I have not seen any attacks on TripleDES that make it insecure.


The text from https://tools.ietf.org/html/rfc5751#section-2.7.1.2 is pretty
blurry:

  [..] If the sending agent
  chooses not to use AES-128 in this step, it SHOULD use tripleDES.


If there are two or more ways to interpret that sentence, we can clarify it. I 
don't see more than one, but maybe I'm missing something.

--Paul Hoffman
_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [smime] deprecate tripleDES?, Michael Ströder
Next by Date:  Re: [smime] deprecate tripleDES?, Sean Leonard
Previous by Thread:  [smime] deprecate tripleDES?, Michael Ströder
Next by Thread:  Re: [smime] deprecate tripleDES?, Sean Leonard
Indexes:  [Date] [Thread] [Top] [All Lists]