Re: CipherSuites for IETF-Algorithm-Compliant document

From: David P. Kemp <dpkemp@missi.ncsc.mil>
Date: Fri, 20 Dec 1996 17:56:16 -0500
Message-Id: <199612202256.RAA13177@depot.missi.ncsc.mil>
To: dpkemp@missi.ncsc.mil, karlton@netscape.com
Cc: ietf-tls@www10.w3.org

> > But the standard, mandatory-to-implement, universally-interoperable
> > algorithm cannot be proprietary.
>
> Unfortunately, operations in the real world mean that there will never
> be a universally-interoperable algorithm ...

The IETF requirement levels apply to implementations of a standard, and
mandatory just means that the product must be capable of using a particular
algorithm. The goal is to encourage interoperability by ensuring that
anyone who wishes to use the baseline capability will have it available
if they have a TLS-compliant product.

Determining whether the baseline capability is enabled or not is a
policy matter to be decided by the user/sysadmin/SSO, and the IETF is
explicitly silent on policy.  The actual level of interoperability in the
real world will be determined by those configuration/policy decisions.

In theory, the working group could decide to have no mandatory algorithms
and make all of them optional, but it might have trouble convincing the
IESG to approve a document that did not define a required (lowest common
denominator?) baseline capability.  Given that some set of CipherSuites
is designated as mandatory, that set should not include proprietary
algorithms when acceptable non-proprietary alternatives exist.
Received on Friday, 20 December 1996 18:00:09 UTC