[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (IPng) Re: The besty


We all know that we cannot find a crypto-algorithm that is acceptable by all
governments (including France, Irak and Russia) and exportable from all
countries (including the US). The IAB, the IESG, sevral working groups and
research groups discussed the issue at length.

There is however a wide recognition that:

 * we might allow sites to pick any algorithm on a bilateral basis. IDEA and
   triple DES come out as very reasonable choices. But in order for
   negotiations to converge, we need one fall common ball-back.

 * DES in CBC mode has good properties for selection as a common fall
   back. The specs are public (courtesy of the US govt), hardware and software
   are available, even public domain software from Finland.

 * Yes, export control is a pain. But there are at least two turnarounds. Big
   companies can develop in a country which does not restrict export, which I
   understand DEC is doing in Israel. Small companies can peer with local
   partners which add the crypto-stuff in their own country.

 * Overall, the gain of a common spec is worth the pain. 

Now, I wish we could get the silly export control restrictions removed, not to
mention the absurd usage restrictions of France. But that seems more a task
for the EFF or the ISOC than for the IETF.

Christian Huitema