[Top] [All Lists]

Re: IDEA licensing vs RSA licensing (Re: What do we have to do

1997-11-03 13:31:27
At 12:11 PM 11/3/97 GMT, Lutz Donnerhacke wrote:
   So IDEA as SHOULD would guarantee backward compatibility? Fine. I'd prefer
   MUST, but I see the problem.

Alas, it doesn't. The only thing that guarantees interoperability is MUST,
and you can't have a MUST algorithm that's got intellectual property
constraints, if there is an alternative.

When we started the BOF in Munich, we had as one of the OP goals "limited
backwards compatibility." What we meant by this was that we wouldn't even
consider backwards compatibility with anything before 2.6, we even think
that 2.6 should eventually be migrated/upgraded/phased out for security
reasons, and we knew that even 2.6 compatibility is not possible given IETF
because 2.6 used *only* encumbered algorithms. Thus, we put in the
weasel-words "limited backwards compatibility."

The bottom line is that we cannot be both an IETF standard and have
guaranteed backward compatibility with 2.6.


Jon Callas                                  jon(_at_)pgp(_dot_)com
Chief Scientist                             555 Twin Dolphin Drive
Pretty Good Privacy, Inc.                   Suite 570
(415) 596-1960                              Redwood Shores, CA 94065
Fingerprints: D1EC 3C51 FCB1 67F8 4345 4A04 7DF9 C2E6 F129 27A9 (DSS)
              665B 797F 37D1 C240 53AC 6D87 3A60 4628           (RSA)