The AES-XCBC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE)
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: Internet Architecture Board <firstname.lastname@example.org>, RFC Editor <email@example.com> Subject: Protocol Action: 'The AES-XCBC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE)' to Proposed Standard The IESG has approved the following document: - 'The AES-XCBC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE) ' <draft-hoffman-rfc3664bis-06.txt> as a Proposed Standard This document has been reviewed in the IETF but is not the product of an IETF Working Group. The IESG contact person is Russ Housley. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-hoffman-rfc3664bis-06.txt
Technical Summary This document will replace RFC 3664 (once it is approved). RFC 3664 defines a particular pseudo-random function based on a key and a message; however, RFC 3664 inadvertently only allowed fixed-size keys of 128 bits. This document allows keys of all sizes. Working Group Summary This document was discussed in the IPsec WG before it was shut down, and it was further discussed and on the IPsec mailing list after the IPsec WG was shut down. Suggestions lead to significant improvements in the parts of the function. Protocol Quality The document was brought to the attention of the CFRG, which raised no concerns. Two different implementers who already had RFC 3664 implementations read the specification and were able to implement the changes successfully and interoperably. This document was reviewed by Russ Housley for the IESG.