
Re: Last ditch proposal for crypto suites




	From: Lakshminath Dondeti <ldondeti@nortelnetworks.com>

	 From what I understand from the concrete proposal below, a compliant 
	implementation MUST recognize suites as well as a la carte proposals. 
	How does this make life any easier for anyone?
	
	regards,
	Lakshminath

As I read Charlie's concrete proposal, it says that an implementation
can choose to implement only suites. Only the suites would be mandatory
to implement, and the only a la carte code necessary would be the ability
to skip over the a la carte stuff.

I remember in person, and at the mike at meetings, enough people arguing
for a la carte that we didn't switch, but I don't remember who was arguing
for it. I think the argument was that the number of suites defined tends
to grow exponentially, especially with new vanity crypto algorithms, but
I'd think whoever defined the vanity algorithm could choose which hash,
signature scheme, etc., went with it, and wouldn't need that algorithm
in combination with lots of choices.

I did enjoy the quote Charlie put into the spec until the rest of us
noticed and made him take it out..."Assembly of SA payload requires
great peace of mind" (paraphrase of quote from Zen and the Art
of Motorcycle Maintenance). :-)

Radia