David Kemp wrote:
[snip]
If vendors look at what certificates have already been issued to decide
what certificates to support in products under development, we will never
evolve. I favor keeping DSA (in addition to RSA) as a MUST for S/MIME
clients because algorithm independence is valuable in and of itself.
Was S/MIME not algorithm independent when DSA was a MUST? How would
substituting DSA with RSA change the independence? DOD could mandate S/MIME
with DSA even if S/MIME requires RSA. Someone could write a S/MIME with DSA
document similar to the ones with IDEA, CAST, etc.
Regards,
Aram Perez