ietf-openpgp
[Top] [All Lists]

Re: IDEA licensing vs RSA licensing (Re: What do we have to do today?)

1997-11-02 06:02:56
-----BEGIN PGP SIGNED MESSAGE-----

In 
<3(_dot_)0(_dot_)3(_dot_)32(_dot_)19971101112020(_dot_)00a783a0(_at_)mail(_dot_)imc(_dot_)org>,
 on 11/01/97 
   at 02:20 PM, Paul Hoffman / IMC <phoffman(_at_)imc(_dot_)org> said:

  Anyway, I agree with the people who are arguing for MUST for 3DES,
  DSA, Elgamal; and SHOULD for RSA, IDEA, MD5, and MAY for the rest.
  
This is my plan. I'm still open toward making CAST5 a SHOULD (in fact, that
is my personal preference), but I hear more reasons for MAY than SHOULD.

A very basic reason: SHOULD is only for things that are strongly desired
by all implementations. If we have a strong algorithm for a MUST and
another strong algorithm for a SHOULD, I see no point to tossing another
SHOULD in. Many developers try to implement all SHOULD-level specs, and
this would cause needless software bloat with little definable benefit.

And, again, I would strongly lobby against any MAY list. A list of IDs
for all known algorithms identifiers is enough.

Well FWIW I don't have a problem with only having one MUST and one SHOULD
but if we are going that route there should be some documentation on what
algorithms PGP 2.6.x & PGP 5.x are using and what the default operations
are so implementors can insure that they have compatability with the
current software available. My understanding is that CAST5 is the default
algorithm in 5.x, if it is not a MUST or SHOULD there still should be some
mention that it is the default in PGP and those wishing to be able to
communicate with 5.x users will need to implement it. Simmilar
documentation should be provide in regards to 2.6.x and the RSA/IDEA/MD5
algortihms.

- -- 
- ---------------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html                 
       
- ---------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000

iQCVAwUBNFx5Z49Co1n+aLhhAQFyOgP/d34unVqFpG4hF5QvjCz2sMejCXpNjpE1
K9fqzcYEGvRGKXt+5h9p+ZstNz+zvWqep+Gk1xcVBs0YwSppC6dM4ROqSv5AZsbr
QjHD6v+eASOflK3Qw23aQj9zVpsbiPmu1DJ4iQEIN5UJbLB6VHZ7ytETPNkRc4zb
2xBy9rcJUq8=
=9v+z
-----END PGP SIGNATURE-----