[Top] [All Lists]

Re: Restarting the 40-bit debate

1997-05-10 18:02:19
At 4:03 PM -0700 5/10/97, Keith Moore wrote:
I disagree.  If the standard claims to provide a certain degree of
privacy and authentication, but doesn't mandate that implementations
use cryptographic algorithms and key lengths sufficient to ensure
that degree of privacy or authentication, the standard has failed
to make good on its claims.

<sigh> Keith, for the nth time. Please stick to the spec. Please quote the
spec. That's why we wrote it and are asking for comments.

Where in the spec does it "claim to provide a certain degree of privacy and
authentication" that it does not meet? Please cite a specific sentence or
paragraph. We'll fix it, I promise. What we *do* promise in the spec is
that if you use the minimum algorithm (FOO/40), you are using weak
cryptography. We say that many, many times. Thus, we are living up to our
claims. If you disagree, please state exactly where we have made a claim
higher than we support.

(Obviously, this request goes out to everyone. We do *not* want a spec that
overstates its security.)

Even with a longer key, I'd have to question whether the FOO
algorithm has received sufficient public review to make it the
only "MUST support" algorithm in the standard.

There is no FOO algorthim. The spec says there are multiple candidates for
what it will be replaced with. Clearly, I thought.

--Paul E. Hoffman, Director
--Internet Mail Consortium