Reading through this thread, I am astonished at a couple of apparent
truisms that are emerging from the various earnest statements made. These are
(employing a little editorial license):

* The implementation cost of DSA/D-H/3DES was acceptable when RSA was
patented, but now that some of us have actually built/tested this the cost has
gone up into the "too high" range.
* Specifying a single MUST algorithm suite was sufficient to make S/MIME
algorithm independent, but actually requiring two algorithm suites will cost
too much. If we've really achieved algorithm independence in the sense that
Dave Kemp suggests, this should be a debate about a relatively small math
module.
* We have an 'SMIMECapabilities' attribute for which support is MUST, but
some implementations ignore it so we have to use the lowest common denominator
to force interoperability. What makes anybody think a MUST on an algorithm
choice would be taken any more seriously?

I don't think I actually have an opinion on this issue myself. I'm of the
mindset to mandate nothing and let Darwin decide. However, I find the seeming
illogic of these collective opinions very troubling. It leads me to think that
we're not getting to the REAL reasoning behind this move.

I think Blake was closest to this in stating that there has been no
customer demand for DSA. Is this the REAL reason to dump DSA? Are customers
demanding RSA be used? Do customers express demand for any algorithms, or do
they just want it to be "secure"? Are we just drifting to the path of least
resistance?

Personally, I favor products that support LOTS of interoperability modes...
not just lowest common denominators. Call me crazy, but...

Chris B.