RE: [saag] RE: No need for SHA-2 Packet Authentication - Open Let ter to the WG a nd Area Directors

["Hallam-Baker, Phillip" <pbaker@verisign.com>]

Once again:

1. DoD may not be bound by NIST rules but AES/SHA-256 is a NIST standard.
	Ergo if DoD takes it into its head to demand a NIST standard it
likely does so because it regards NISt to be authoritative.

2. IETF rules may state that working group members speak for themselves. 
	However that does not mean that a working group should take a work
item on the assertion by J. Random Bozo that the USG demands it when we can
ask the organization that USG appointed to make such assertions.

3. USG policy (including DoD) is currently to use COTS wherever possible.
	If USG departments are having to specify non-standard extensions to
COTS software and NIST has failed to even inform the standards body that
they have a requirement then NIST is not doing its job.

I pretty much dislike the way that this discussion takes place in which one
party assumes the authority of USG when USG has said nothing on the matter
at all, either directly or indirectly. If the obvious route of asking Tim
Polk or Bill Burr what the situation is is considered objectionable
something is wrong.

		Phill