Re: Do people have something against RSA?

[Denis Pinkas <Denis.Pinkas@xxxxxxxx>]

denis,

I will use your E-mail to comment.
 
> > > Get real!  The whole world uses RSA. [...]
> > > Insisting upon DSA and Diffie-Hellman is like railing against the
> > > universality of Microsoft: pointless and missing the point.
> > IETF standards are required to use non-proprietary technologies wherever
> > possible.
> 
> Yes, but - the RSA patent is going to expire in September this year, is it
> not?
> 
> There are not going to be any serious commercial employments of, say, a TSA,
> before September, are they?

I do not buy the arguments from Christopher, but I thank him for
being the first one daring to raise the issue. The question raised
by denis makes sense: we only have a little bit more than 3 months
left before the expiration of the RSA patent.

There are two related questions:

1) Should we mandate the use of the RSA algorithm for signing TS
token ? This seems reasonable in this new context.
2) Should the chairs wait until September 21 rst, 2000 to send the
TSP draft to the IESG (and mandate the use of the RSA algorithm for
signing) or should they do it now (i.e. as soon as they consider
that we have reached a WG consensus) taking into account that the
next step is Proposed Standard, i.e. not Standard, which means that
in any case, the Standard will be published three months AFTER the
expiration of the RSA patent. 

The later seems reasonable ... but would mean to publish a version 9
of the TSP draft before sending it to the IESG.

Anyway the question is much broader than the TSP draft and applies
to all other drafts, in particular Attibute Certificates.

Denis

> So why not put in RSA, since the patent is going to expire soon enough
> anyway? As far as I know, the validity of the patent cannot be extended,
> thus RSA becomes public domain.
> 
> Regards,
> 
> denis