"The wonderful thing about standards is that there are so many to choose from."
I strongly agree with Paul. I am not aware of ANY kind of a significant ground
for IDEA, especially with the relaxation of the US export regulations and the
availability of triple-DES and the forthcoming AES algorithm(s). In fact, I
are already FAR too many algorithms, variations, etc., in the S/MIME standard
it is, and to virtually no good purpose that I can see.
Unless a particular algorithm is obviously off the wall, the tendency is for
implementation to include every algorithm, regardless of the actual number of
Some Program Manager somewhere will say, "But what if customer B want to use
algorithm X, and we don't support it. Then customer A would not be able to
communicate with him, and we might lose sales."
And pretty soon, the product is up to 60 megabytes in size, chock full of
options, and everyone wonders why the product is so bloated and hard to use, not
to mention all of the interoperability problems caused for the customers.
It's high time to say ENOUGH, and to kill off this sort of useless nonsense
while it is
still budding, without consuming useless cycles debating the format of the
the IPR issues, etc., etc.
Paul Hoffman / IMC <phoffman(_at_)imc(_dot_)org> 02/23/00 10:58AM >>>
[snip] To be frank, I've never
heard of anyone wanting to use IDEA for anything other than old PGP. The
folks who wrote PGP had their reasons for choosing IDEA when they did, but
they dropped IDEA as a required algorithm for OpenPGP and that doesn't
appear to have negatively affected them. The IETF shouldn't codify this
kind of marketing hype, even in an Informational RFC.
--Paul Hoffman, Director
--Internet Mail Consortium