David P. Kemp says:
The TLS group has decided that there is only one MUST algorithm,
DSA/DH/3DES, despite the fact that nearly 100% of the installed base
of SSL currently uses RSA/RC4.
Hear, hear! (:-)
This decision was supported by the users, the small vendors, the large
vendors, and the IESG.
I personally am not surprised at all.
This was
not even controversial - the large controversy was whether there should
be even one MUST algorithm suite.
But since all the *current* compliant implementation ought to interoperate,
at least *one* algorithm suite indeed is a-must.
--
Regards,
Uri uri(_at_)watson(_dot_)ibm(_dot_)com
-=-=-=-=-=-=-
<Disclaimer>