Rodney Thayer wrote:
My point is that TLS was ordered to use DSS/DH and 3DES rather than RSA and
RC4 as the MUST.
"ordered" is an interesting word.
Analyzing 2026 to death rather than finding out what the IETF really does
is why I started this comment.
OK, I admit to a flaw in my research. I was assuming that the IETF
documented its processes and decisions, and that such process and
decision-making was robust enough to be analysed or even audited at some
future time. I think the term for this might be transparency or
You are suggesting, and suggesting strongly even, that this is not the
case. OK, I completely accept that, as I am new to the process, and
there is no reason to believe that the IETF would have adopted these
Is there any reference material of a non-formal nature that would
support the notion that this WG should use unencumbered crypto for its
If there is no supporting material at all, and the policy is based on
verbal or emailed conversations, then I would be most uncomfortable. It
would raise many questions, and given the circumstances of the
competition for mail standards, these are questions that we'd rather the
other standards proponents could not raise.
( I think I know what the answer to this might be: there is no
supporting material and it should be taken up with the Area Director.
OK, I'll start drafting a note. Not knowing the guy and how familiar he
is with the situation, this'll keep me quite for a few days. :-)
FP: 1189 4417 F202 5DBD 5DF3 4FCD 3685 FDDE on pgp.com