The encryption option standard should not define the use of a specific cipher and mode of operation. Instead, the client and server must be able to negotiate and select an encryption type from a list of supported types. If an encryption type is found to be weak against some new cryptanalysis attack, it will be easy to discard that particular encryption type.
The encryption-type negotiation method selected is very similar to the authentication-type negotiation. After initiation negotiation, the party which is going to receive encrypted data sends a sub-option sequence containing an ordered list of encryption types. The most preferred type is sent as the first element, and the least preferred as the last. The receiver of this list should select the first supported encryption type, and use it for the data encryption.