Re: The 40-bit debate

Please note the subject of this part, and reply with this subject if
you want to talk about whether or not the S/MIME spec should have a MUST
or a SHOULD that includes 40-bit encryption.


The S/MIME spec can specify a way to do 40-bit crypto if this WG wants 
it to do so, and can even specify that implementations "MUST" (or "SHOULD")
implement it.

However,

+ any MUST or SHOULD algorithm MUST be published and available on 
  fair and nondiscriminatory terms  (this is from RFC 2026)

+ (IMHO) the S/MIME spec will not be of standards-track quality
  unless it also specifies a "MUST implement" algorithm and key 
  length compatible with the recommendations of RFC 1984.  

Keith

<Prev in Thread]	Current Thread	[Next in Thread>
The 40-bit debate, Paul E. Hoffman Re: The 40-bit debate, Keith Moore <= Re: The 40-bit debate, Charles Breed RE: The 40-bit debate, Blake Ramsdell Re: The 40-bit debate, Scott Merrilees RE: The 40-bit debate - user's needs, Laurence Lundblade RE: The 40-bit debate, lindsay RE: The 40-bit debate, Paul E. Hoffman Re: The 40-bit debate, Raph Levien Re: The 40-bit debate, Paul E. Hoffman Re: The 40-bit debate, Keith Moore Re: The 40-bit debate, Housley, Russ