Gene Hoffman says:
......I grant that I am making an
assumption, but it would seem that the majority of keys in use would be
on the public keyring. Of these its clear that there is most likely a
majority of users with DSS/EG keys.
I'd agree with this.
Ignoring that and moving to a couple of more important points, I believe
that the charter had or has a goal of creating a standard to which
implementors anywhere can implement without concern for intellectual
property rights. DSA, SHA-1, ElGamal, 3DES, and CAST5 are all
un-encumbered alogorithims. DSS/ElGamal with either 3DES or CAST should be
the standard MUSTs. If you as an applications developer wish to support
the "legacy" mode of PGP and can get the licenses to do so, please feel
free to implement a SHOULD of RSA/MD5/IDEA as well as
DSS/EG/(???3DES/CAST5????).
Plus - how difficult does one estimate moving from one algorithm
suite to another? In my NSH out-of-hand opinion, the biggest
obstacle is accumulating an equally large amount of equally
respectable signatures on my new public key.
I am sure I will have zero problem convincing my correspondents to
use the algorithms I prefer (especially since my preference has
considerable cryptographic backing :-).
On the symmetric front, I'd like to suggest that all software MUST Decrypt
CAST5 and 3DES, but only MUST encrypt 3DES.
An excellent idea in my view.
--
Regards,
Uri uri(_at_)watson(_dot_)ibm(_dot_)com
-=-=-=-=-=-=-
<Disclaimer>