Using Advanced Encryption Standard Counter Mode (AES-CTR) with the Internet Key Exchange version 02 (IKEv2) Protocol
draft-ietf-ipsecme-aes-ctr-ikev2-07
Yes
(Jari Arkko)
(Sean Turner)
No Objection
(Adrian Farrel)
(Alexey Melnikov)
(Dan Romascanu)
(David Harrington)
(Gonzalo Camarillo)
(Peter Saint-Andre)
(Ralph Droms)
(Robert Sparks)
(Ron Bonica)
(Stewart Bryant)
(Tim Polk)
Abstain
Note: This ballot was opened for revision 07 and is now closed.
Jari Arkko Former IESG member
Yes
Yes
()
Unknown
Sean Turner Former IESG member
Yes
Yes
()
Unknown
Adrian Farrel Former IESG member
(was Discuss)
No Objection
No Objection
()
Unknown
Alexey Melnikov Former IESG member
(was Discuss)
No Objection
No Objection
()
Unknown
Dan Romascanu Former IESG member
No Objection
No Objection
()
Unknown
David Harrington Former IESG member
No Objection
No Objection
()
Unknown
Gonzalo Camarillo Former IESG member
No Objection
No Objection
()
Unknown
Peter Saint-Andre Former IESG member
No Objection
No Objection
()
Unknown
Ralph Droms Former IESG member
No Objection
No Objection
()
Unknown
Robert Sparks Former IESG member
No Objection
No Objection
()
Unknown
Ron Bonica Former IESG member
No Objection
No Objection
()
Unknown
Stewart Bryant Former IESG member
No Objection
No Objection
()
Unknown
Tim Polk Former IESG member
(was Discuss)
No Objection
No Objection
(2010-05-06)
Unknown
Russ Housley Former IESG member
Abstain
Abstain
(2010-05-04)
Unknown
I cannot see the justification for using AES-CTR to protect IKEv2 traffic. There is a strong justification for AES-CTR in ESP where there are high data rates. The data rates for IKEv2 traffic ought to be quite small, so the performance improvement is not really needed. Also, the use of counter mode requires care to ensure that the same counter value is never used more than once under the same key.