-----BEGIN PGP SIGNED MESSAGE-----
At 11:07 25-08-1997 EST, David Gaon wrote:
Allen Simpson wrote:
>>>1. mandatory support for strong, open and unencumbered
>>>cryptographic algorithms. Other algorithms may be optionally
>>>specified, but will >>not be required for conformance.
I disagree - There MUST NOT be any mandatory requirements for
algorithms, keys, ...
If two correspondents need to correspond securely, they must first
establish their respective mail security capabilities (ie find out
what they can receive) through the use of other relevant mail
capabilities such as Directories.
If they h ave compoatible capabilities, they will correspond, if they
do not, tough luck. This is no problem for e-commerce because I
expect commercial enterprises will implement a multitude of security
capabilities to satisfy their cusdtomers.
I think specifying at least one algorithm and key length/format should be a
minimum requirement for interoperability. These minimums should be met with
freely available algorithms. If we don't specify a common denominator then
marketing forces, not technical merit, will select a defacto common
denominator for us.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: cp850
Comment: Anthony E. Greene <agreene(_at_)pobox(_dot_)com> pub 1083 0x78cd4329
iQCdAwUBNAKKKkRUP9V4zUMpAQF8qAQ7BF6a3qeLLJjUssYq9pVFBvfmkKldpar0
D4Z9QuYNm1nBHhkPR7l+O+FBVMzFDNgZBZmGHhTZ/2t4YEdSg0de5hMhoMc3KiTK
8B8H70RtVLMnCwdSO2Yt68dI/gT9BgUJHLjdNdFVXliN6mefSUrYU0rLm3YKsRZI
qHjhm9xbgtUqq8rPNsChkg==
=17HH
-----END PGP SIGNATURE-----