[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: starting on asking THE QUESTION



(Yes, slightly old mail -- I've been out of town.)

On Thu, 15 Jul 1999, Joern Sierwald wrote:
> There is no actual need to do anything.
> Everybody has implemented 3DES.
> We do have a second cipher to use, and even a third one,
> CAST-128 and blowfish. If people in the commercial world wish
> to use something else than DES, they can.
> If we add a "SHOULD implement CAST-128", does it matter? 

"SHOULD", probably not.  "MUST", yes, it could matter.

*Not* everybody has implemented 3DES, at least not in readily-available
forms.  We still get occasional complaints about FreeS/WAN not supporting
1DES, from people who are trying to make FreeS/WAN talk to existing
commercial boxes which don't speak anything else.  Sometimes there are
3DES upgrades for said boxes, but only at higher cost or with availability
problems.  Sometimes not. 

Which points out that the issue is interoperability.  Why have standards
at all, if people are free to use whatever they wish?  The answer is, they
aren't.

The reason to add another "MUST" algorithm would be to (help) ensure that
*everybody* implements it, so you can *depend* on being able to use it. 
Some users have control over all the equipment they use, and so can choose
systems that support the algorithms they want (provided that such systems
exist!).  Many are not so fortunate. 

                                                          Henry Spencer
                                                       henry@spsystems.net
                                                     (henry@zoo.toronto.edu)



References: