On Tue, Feb 08, 2005 at 09:42:20AM -0800, Jon Callas wrote:
> I almost cringe to suggest this, but I will.
>
> Triple-DES is pretty much obsolete. Yesterday, I saw that NIST
> announced they're moving to stronger hashes.
>
> Does anyone object to changing the MUST cipher to AES (I'd pick 128)
> and MUST hash to SHA-256?

This would be difficult to do without breaking backwards
compatibility. There are a lot of deployed systems that expect 3DES
to be the MUST cipher.

I'm not against adding a second MUST cipher without removing the
current 3DES, but I don't see how the 3DES as the
cipher-of-last-resort could be changed except over a significant
amount of time.

David