[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Last ditch proposal for crypto suites
On Thursday 29 August 2002 13:24, Steven M. Bellovin wrote:
> >Based on .......... the agony I hear from users, I'm a strong
> > proponent of suites.
>
> If I understand you correctly, you're saying that implementors and/or
> administrators are making different choices on what combinations to
> offer, thus hurting interoperability? That suggests that even if we
> stick with a la carte, we should specify which combinations MUST be
> offered, from among the standard algorithms (subject to administrator
> security override, of course).
Yes.
> Aside -- and donning my AD hat for a moment -- I've become increasing
> concerned about interoperability. We need to ensure that our
> standards, as well as being technical correct and secure, specify
> a minimum set of mandatory-to-implement mechanisms that will always
> be there.
I'm afraid it means - we must do suites. I myself am concerned that
my pet crypto algorithms might not be there - but still analyzing and
standardizing suites seems a much better idea than a-la carte.
--
Regards,
Uri-David
-=-=-<>-=-=-
<Disclaimer>