"Bob Jueneman" <bjueneman(_at_)novell(_dot_)com> writes:
I'm not necessarily advocating this position -- I might like to think about it
some more myself -- but just for the sake of argument and to take the pulse,
what would people think of making ANSI X9.31 RSA a MUST, X9.31 EC-DSA a
SHOULD, and DSA and PKCS-1 RSA a MAY?
How about trying to make the spec at least vaguely approximate reality in the
choice of algorithms? It doesn't really matter if you include requirements
like "MUST DSA OR WE WILL KILL YOU[0], SHOULD NOT RSA", in practice the world
will interpret it as "MUST RSA, MAY DSA, SHOULD NOT X9.42 DH, BWAHAHAHAHAHA
X9.31 RSA" no matter what it says in the RFC (I think IBM does X9.31 in CCA but
does anything else in existence implement this?).
I've been sitting here watching this debate go on and on, but since no matter
what you put in the RFC the market will interpret it as MUST RSA and various
levels of deprecation for anything else maybe we could get Markov Chaney to
continue the debate for a while just for forms sake and then after enough
messages have been exchanged to satisfy everyone either put text in the RFC
which accepts what everyone's going to do anyway or which specifies all sorts
of options and alternatives secure in the knowledge that implementors will
ignore it and do what the market wants/expects, which ain't DSA or X9.31 RSA.
Peter.
[0] RFC 2026bis, "When MUST just isn't enough".