[Top] [All Lists]

RE: S/MIME Export and the IETF

1997-04-21 14:07:17
And so Steve was right:  "The goals of the IETF are out of step with US
companies' business needs".

I don't know why anyone ever debated it.

The only thing that was ever in scope for me was the interoperability of
any two implementations of S/MIME.  That's it.  The MUST for RC2 40-bit
/ whatever 40-bit is only to accomplish that goal.  I don't know why I
have trouble getting this across.

Bob, you should get your own email address sometime :).


-----Original Message-----
From:  Ned Freed [SMTP:Ned(_dot_)Freed(_at_)innosoft(_dot_)com]
Sent:  Monday, April 21, 1997 10:18 AM
To:    Charles Breed
Cc:    ietf-smime(_at_)imc(_dot_)org
Subject:       Re: S/MIME Export and the IETF

"The IETF has to get out of two businesses: (1) worrying about the market
share of a few U.S. software companies and (2) interpreting U.S. export
control laws.

Hear hear! Charles, I am in complete agreement with this, and moreover I
would go so far as to recommend that any charter developed for an S/MIME
working group place these concerns out of scope.

As it happens I'm also a principal in a US software company that would very
much like to be able to sell strong encryption to the 45% of our customer
that happens to be outside the US. And mandating strong encryption in S/MIME
absolutely does hurt us in this regard. However, I am also able to separate
what's good for the IETF as a whole from what is good for us as a business,
in my judgement what's good for the IETF isn't what's good for us, at least
in the short term, so mandatory strong encryption is what I think the IETF
should mandate in S/MIME.

This issue is entirely separate from the RC* issue, BTW. RC* with 256 bits
of key is every bit as unacceptable as 40 bits is when it comes to IETF
confidentiality rules.


<Prev in Thread] Current Thread [Next in Thread>