[Top] [All Lists]

Re: IDEA licensing vs RSA licensing (Re: What do we have to do today?)

1997-11-10 01:42:20
  Anyway, I agree with the people who are arguing for MUST for 3DES,
  DSA, Elgamal; and SHOULD for RSA, IDEA, MD5, and MAY for the rest.

Presumably SHA-1 also belongs in MUST?

A very basic reason: SHOULD is only for things that are strongly desired
by all implementations. If we have a strong algorithm for a MUST and
another strong algorithm for a SHOULD, I see no point to tossing another
SHOULD in. Many developers try to implement all SHOULD-level specs, and
this would cause needless software bloat with little definable benefit.

3DES is MUST, because everybody trusts it, but nobody really likes it :-)  
IDEA is fine, and fast enough to use, but encumbered.

Adding CAST5 as a SHOULD sets a direction that we want a fast free
algorithm to be the primary operating mode, which I think is good,
and says that enough people trust CAST5 that it's the best choice -
is that realistic?
Bill Stewart, stewarts(_at_)ix(_dot_)netcom(_dot_)com
Regular Key PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639