[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (IPng) Re: The besty
We all know that we cannot find a crypto-algorithm that is acceptable by all
governments (including France, Irak and Russia) and exportable from all
countries (including the US). The IAB, the IESG, sevral working groups and
research groups discussed the issue at length.
There is however a wide recognition that:
* we might allow sites to pick any algorithm on a bilateral basis. IDEA and
triple DES come out as very reasonable choices. But in order for
negotiations to converge, we need one fall common ball-back.
* DES in CBC mode has good properties for selection as a common fall
back. The specs are public (courtesy of the US govt), hardware and software
are available, even public domain software from Finland.
* Yes, export control is a pain. But there are at least two turnarounds. Big
companies can develop in a country which does not restrict export, which I
understand DEC is doing in Israel. Small companies can peer with local
partners which add the crypto-stuff in their own country.
* Overall, the gain of a common spec is worth the pain.
Now, I wish we could get the silly export control restrictions removed, not to
mention the absurd usage restrictions of France. But that seems more a task
for the EFF or the ISOC than for the IETF.