Looks pretty good but would like some clarification:
The OPEN-PGP Specification will have provisions for;
1. interoperability using cryptographic algorithms (asymmetric/symmetric
including key lengths) that are consider strong, open and unencumbered,
and other algorithms MAY be used
This is not very good English - the word "may" removes any meaning/force.
2. limited backwards compatibility with the existing pgp message
What is meant by "limited" - read/verify signature only ? "Standard" should
not be concerned with licening unless the intent is only to allow Public
Domain algoritms in which case shouldn't that be in (1) ?
3. Government and legislative policies from any country SHOULD not impact the
specification
Word "SHOULD" makes it a null statement - has same effect as "MAY"
Rest is pretty much no-braners.
Personal feelings are that the top level standard needs to be as open as
possible while allowing for subsets. That is that all possible configurations
need to be allowed while subsets are created for special circumstances
such as France.
"What the large print giveth, the small print taketh away..."
Warmly,
Padgett