And so Steve was right: "The goals of the IETF are out of step with US
companies' business needs".
I don't know why anyone ever debated it.
The only thing that was ever in scope for me was the interoperability of
any two implementations of S/MIME. That's it. The MUST for RC2 40-bit
/ whatever 40-bit is only to accomplish that goal. I don't know why I
have trouble getting this across.
Bob, you should get your own email address sometime :).
Blake
-----Original Message-----
From: Ned Freed [SMTP:Ned(_dot_)Freed(_at_)innosoft(_dot_)com]
Sent: Monday, April 21, 1997 10:18 AM
To: Charles Breed
Cc: ietf-smime(_at_)imc(_dot_)org
Subject: Re: S/MIME Export and the IETF
"The IETF has to get out of two businesses: (1) worrying about the market
share of a few U.S. software companies and (2) interpreting U.S. export
control laws.
Hear hear! Charles, I am in complete agreement with this, and moreover I
would go so far as to recommend that any charter developed for an S/MIME
working group place these concerns out of scope.
As it happens I'm also a principal in a US software company that would very
much like to be able to sell strong encryption to the 45% of our customer
base
that happens to be outside the US. And mandating strong encryption in S/MIME
absolutely does hurt us in this regard. However, I am also able to separate
what's good for the IETF as a whole from what is good for us as a business,
and
in my judgement what's good for the IETF isn't what's good for us, at least
not
in the short term, so mandatory strong encryption is what I think the IETF
should mandate in S/MIME.
This issue is entirely separate from the RC* issue, BTW. RC* with 256 bits
of key is every bit as unacceptable as 40 bits is when it comes to IETF
confidentiality rules.
Ned