In message <199905191326(_dot_)JAA21761(_at_)egate3(_dot_)citicorp(_dot_)com>,
Creating a world-wide standard which significant
portions of the world are unable to comply with is pointless.
I can't believe we're having this discussion *again* in the Security Area.
I strongly dispute your claim of "significant portions of the world".
Countries with import or use restrictions on cryptography are rare; even
France has backed down on that one.
Whether you like it or not, American companies and their government's export
restrictions are irrelevant. There are numerous examples of non-US
organisations picking up the slack, and their are numerous examples of
American companies getting around the restrictions. Two examples would be
RSA's new office in Australia, and the Fortify program for Netscape
IETF standards will outlive government restrictions on cryptography, and
should not short-sightedly cater to them. Last time I checked, this was also
the opinion of the IESG.
C. Harald Koch <chk(_at_)pobox(_dot_)com>
"It takes a child to raze a village."
-Michael T. Fry