At 05:54 PM 10/28/97 -0800, Jon Callas wrote:
. . .
Please note that arguing for IDEA being a MUST algorithm could lead to the
standard getting bogged down.
I think a better term would be "shot down". The IETF has voiced a strong
preference for unencumbered algorithms when available, and IDEA is
encumbered and has other choices, as you mention.
Another way to look at it: if you have IDEA as a MUST along with other
algorithms, you will probably have RSA signatures as a MUST along with
other algorithms. :-)
My thoughts:
(1) MUST Triple-DES (because it's been more studied than CAST5).
(2) Only one MUST algorithm for simplicity.
(3) SHOULD IDEA for compatibility with earlier PGPs (no need to do CAST5
since there is little implementation history).
(4) Absolutely everything else is a MAY. Under no circumstances should we
list any MAYs. Implementors should be free to use whatever they want in
addition to the MUSTs and SHOULDs. We should add algorithm IDs for
everything that we know might be in use (such as Blowfish and CAST5), but
not use any words that limit the algorithms to that list.
--Paul Hoffman, Director
--Internet Mail Consortium