[Top] [All Lists]

Re: The RC2 debate

1997-04-23 11:13:42
Keith, I think you're still missing the point I'm trying to make. You say:

Section 10.2, as it applies to RC2, basically means that IETF can't
reference RC2 in a standards-track protocol *if that reference* is
subject to confidentiality restrictions.

The point is that RSA has claimed that any such reference *is* subject to
confidentiality restrictions. And you yourself have asserted that the IETF
cannot judge the merit of such a claim. As such, you have no choice but to
treat it as valid.

So if an IETF WG wants to
use RC2, it has to find a specification for that algorithm which is
not subject to such restrictions.

RSA claims that this is flatly impossible to do.

Again I have to disagree. Publication is not the issue here, the
issue is RSA's claim to a confidentiality requirement that covers
RC2. As long as such a claim exists we cannot use RC2, period.

I think we do disagree here.  But I for one won't object to use of RC2
as long as the S/MIME specification can reference a published
specification which is available to anyone.

Keith, I don't mean to be unfriendly, but this is an absolute showstopper as
far as I'm concerned. So let me be blunt. I believe that progressing a standard
with a RC2 reference in it is a formal violation of IETF rules as long the
status claimed by RSA doesn't change. And this is one rule I happen to believe
must be enforced for the good of the IETF. I also believe I have backed this up
with language from the applicable procedures in force today and that your
reading of the procedures is entirely specious.

As such, I will vociferously object to such a reference every step of the way
through the process, and if it the IESG sees fit to approve such a
specification in spite of my objections I will file a formal appeal with the
IAB, which I believe I will win.


<Prev in Thread] Current Thread [Next in Thread>