[Top] [All Lists]

Re: Mandatory to Implement Algorithms in CMS

2001-06-28 14:44:02

At 9:13 AM -0400 6/28/01, Housley, Russ wrote:
As many of you know, I am arguing for a common set of cryptographic algorithms throughout the IETF Security Area. Having each CMS referee specify their own set of algorithms does not support this objective.

What do others think?

Russ is right on a technical front: the IETF should use a common set. It is now looking better that this might happen, given that the TLS folks are going to use RSA with OEAP for AES ciphers.

On a political front, this is going to be a long battle. The IETF security area takes forever to act on things that they have agreed to; for instance, IPsec still mandates DES (not TripleDES) years after our self-congratulatory pronouncements about changing. There is very little cross-pollination in the security area, as shown by the TLS debate.

It is worth a shot, but don't expect success.

--Paul Hoffman, Director
--Internet Mail Consortium