New Algorithms keep coming .. In Cryptography new algorithms surface continuously and existing one are continuously attacked .. Thus the choice of mandatory-to-implement algorithms should be conservative to minimize the likelihood of OSPF being compromised. Would not want to change the OSPF spec each time a cryptographically stronger algorithm is suggested. Eg., DES in the older IPsec RFC was a MUST but now has become a SHOULD NOT. Same goes with MD5 in the IPsec space. |