On Oct 25, 2017, at 22:03, Ronald Tse <tse(_at_)ribose(_dot_)com> wrote:
I think we are slightly confusing an optional algorithm, which OCB is
proposed to be, with a mandatory one.
For IETF standards, optional or mandatory to implement, it should be
unencumbered and free to use.
A user should be able to specify in their preferences that they don’t accept
OCB. A .mil email address will probably specify they do not want OCB in this
case.
This is not unencumbered or free to use and should disqualify this algorithm
for IETF.
For example, Chinese cryptography law strictly forbids AES usage in hardware.
Does that mean Intel needs to drop AES-NI for chips sold in China? The answer
is no. People simply don’t use it because of these regulations.
This example is wrong. IETF does not control other entities. It only controls
itself and set rules for itself. And one of those rules is “free, gratis and
unencumbered”.
This is the same with OCB
It is not, as you explain above.
Paul
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp