David P. Kemp wrote: > > > > But the standard, mandatory-to-implement, universally-interoperable > > > algorithm cannot be proprietary. > > > > Unfortunately, operations in the real world mean that there will never > > be a universally-interoperable algorithm ... > > The IETF requirement levels apply to implementations of a standard, and > mandatory just means that the product must be capable of using a particular > algorithm. The goal is to encourage interoperability by ensuring that > anyone who wishes to use the baseline capability will have it available > if they have a TLS-compliant product. > > Determining whether the baseline capability is enabled or not is a > policy matter to be decided by the user/sysadmin/SSO, and the IETF is > explicitly silent on policy. The actual level of interoperability in the > real world will be determined by those configuration/policy decisions. > > In theory, the working group could decide to have no mandatory algorithms > and make all of them optional, but it might have trouble convincing the > IESG to approve a document that did not define a required (lowest common > denominator?) baseline capability. Given that some set of CipherSuites > is designated as mandatory, that set should not include proprietary > algorithms when acceptable non-proprietaty alternatives exist. How ever I got your service,it was a mistake. Please remove it I'm not reading it and I don't want to read it's only messing up my email. Thank you and I hope this is goodby.Received on Saturday, 21 December 1996 10:24:39 EST
This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:34:55 EDT