Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Cisco Firewall IOS question

From: Steve Bellovin <smb () research att com>
Date: Fri, 09 Oct 1998 13:29:17 -0400

The bad news is that the names imply that it's still limited to
56-bit.  Isn't there a longer bit-length that's considered mandatory
for IPSec (3-DES or some such) or was that just wishful thinking
on my part?


The only mandatory transform for ESP in IPSec is 56-bit DES.


Right.  However, when the RFCs are published they will contain a
*very* strong note urging vendors to implement 3DES.  As a matter
of process, it was just too late to stop things when Deep Crack
was announced, and not enough people wanted to believe in the
possibility ahead of time...
Previous By Date Next
Previous By Thread Next

Current thread: