Re: CipherSuites for IETF-Algorithm-Compliant document

At 6:08 PM -0500 12/16/96, Rodney Thayer wrote:
>From: (David P. Kemp)
>>  IETF guidelines are that unpublished algorithms are not to be
>>included in Standards-Track documents, but they may be specified
>>in accompanying Informational RFCs.
>Ooh. He's right, isn't he?
>I believe it, but is there an RFC one can quote to reference these

I don't know. I was previously advised that RC2 and RC4 were OK, as long as
there were alternatives, but that Fortezza was right out. I'm going to go
and check with Jeff Schiller.

>So the common denominator among (the tls doc) and (the common exportable
>Netscape) and (the common exportable MS Internet Explorer) would
>end up being MD5 or SHA-1 digesting, and 40-bit DES.
>This is valid, and this is supported by N. and MS., correct?

Actually, as far as I know, neither Netscape nor Microsoft support 40 bit
DES. My belief is that the intersection of the set of publically described
algorithms, the set of exportable algorithms, and the algorithms used my
Netscape or Microsoft is the empty set. I believe this is a problem,
although not an insurmountable one.

If one doesn't restrict to exportability, I know that Netscape supports
RSA-DES-SHA and RSA-3DES-SHA. I don't have a Microsoft Explorer 3.0 that
runs in my office, and 2.0 doesn't tell me what ciphers it supports.

Tim Dierks - -
     Software Haruspex - Consensus Development
  Developer of SSL Plus: SSL 3.0 Integration Suite

Received on Monday, 16 December 1996 18:41:48 UTC