-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Feb 21, 2008, at 3:45 AM, Ian G wrote:
Andrey Jivsov wrote:
Hello Ian, thank you for your comments.
Thanks for response. I have not responded in detail to all your
responses, we might be better off both seeing how the rest of the
group chimes in. Instead I've just amplified my points where there
was some divergence.
On background, when it comes to agility, I am a little bit of a
nazi. To me, choice is bad, nasty, evil. This is because the
choice does no good for the user, and lots and lots of bad.
http://iang.org/ssl/h1_the_one_true_cipher_suite.html
Ian,
I agree that there is virtue in limiting choice. However, there are a
lot of people who want ECC, particularly in the context of Suite B. In
the not-to-distant future, this will be a requirement.
There are also other changes we will need to do on the horizon. For
example, someday there will be an AHS hash algorithm set from NIST. Do
we not to that, either? The argument you give is to have no choices.
For the people who want more, is to use S/MIME? If so, and if that's
the decision of the working group -- well, I disagree, but rough
consensus is rough consensus. My company does both OpenPGP and S/MIME.
If the answer to people who want Suite B is that we support it with S/
MIME, that's fine. It is also a huge disappointment, because I would
like to satisfy people's ECC and Suite B needs with OpenPGP, but we
can always migrate people to S/MIME who need that.
Jon
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 2.6.3
Charset: US-ASCII
wj8DBQFHxH29sTedWZOD3gYRAkc5AJ9LruANnjQGcXVKLMoxWHrcLqgE7wCg/Uax
OQ03J48GnMLG78wcI2bpgwI=
=IHhn
-----END PGP SIGNATURE-----