The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model
RFC 3826

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>
Subject: Protocol Action: 'The AES Cipher Algorithm in the 
         SNMP's User-based Security Model' to Proposed Standard 

The IESG has approved the following document:

- 'The AES Cipher Algorithm in the SNMP's User-based Security Model '
   <draft-blumenthal-aes-usm-09.txt> as a Proposed Standard

This document has been reviewed in the IETF but is not the product of an
IETF Working Group. 

The IESG contact person is Steve Bellovin.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-blumenthal-aes-usm-09.txt

Technical Summary
 
 The current SNMPv3 specifications describe use of DES for security.  DES is not secure; it has been deprecated and replaced by AES. This document describes how to use AES with SNMPv3. 
 
Working Group Summary
 
 One obvious way to use AES would be to simply replace "DES" with "AES" and "8" (the block size) with "16".  But that would expand the packet even more.  This protocol uses CFB mode instead of CBC mode, to prevent packet expansion.
 
Protocol Quality
 
 This protocol was reviewed for the IESG by Steve Bellovin and Bert Wijnen.