Jon Callas says:
So IDEA as SHOULD would guarantee backward compatibility? Fine. I'd prefer
MUST, but I see the problem.
Alas, it doesn't. The only thing that guarantees interoperability is MUST,
and you can't have a MUST algorithm that's got intellectual property
constraints, if there is an alternative.
Wel, nobody asks to GUARANTEE backward compatibility in ALGORITHMS.
On the other hand, nobody prohibits one from purchasing IDEA and
RSA license and building a backward-compatible product, if this
is what one thinks his customers want.
To accomplish it, "MAY" would be sufficient. "SHOULD" is actively
encouraging the interoperability with the obsoleted de-facto
standard and is certainly more than enough.
When we started the BOF in Munich, we had as one of the OP goals "limited
backwards compatibility." What we meant by this was that we wouldn't even
consider backwards compatibility with anything before 2.6, we even think
that 2.6 should eventually be migrated/upgraded/phased out for security
reasons, and we knew that even 2.6 compatibility is not possible given IETF
because 2.6 used *only* encumbered algorithms. Thus, we put in the
weasel-words "limited backwards compatibility."
Speaking PGP Inc. - I wish you ensured full backward compatibility
wrt. the INTERFACE: for example, since I have no time to modify
Mailcrypt-3.4 package that serves me nicely, I'd appreciate
if you could make PGP-6 (or whatever version it is going
to have :-) a perfect drop-in replacement for PGP-2.6.x
having the default algorithm suit specified, let's
say, in ~/.pgp/config.txt.
The bottom line is that we cannot be both an IETF standard and have
guaranteed backward compatibility with 2.6.
Sure. How possibly can this be any different?