> On Jun 7, 2020, at 06:24, Valery Smyslov <smyslov.i...@gmail.com> wrote:
> 
> Hi Paul,
> 
> I read this text as a caveat for implementers to not use 
> keys which cannot provide enough entropy in any case (e.g. passwords).
> With this reading it's a text for implementers, not for users.

If you read it that way, then I strongly recommend we put implementer advice 
there. The last thing we want is implementers deciding differently on the 
minimum entropy enforced. Because if I say 32 bytes length and you say 16, 
interop with me breaks until I lower to 16, and a few years down the line we 
all set the minimum length at 1 for interoperability.

If it’s advice to the user, we can hand wave. If it is a requirement for the 
implementer, we need very specific directions.

Paul
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
