[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Fwd: Re: FW: RSA mandatory for PKIX CMP?! (fwd)]
"The wonderful thing about standards is that there are so many to chose
RSA is the obvious, de facto choice if the IETF wishes to support
interoperability. Perhaps "mandatory" is too strong, but if a PKIX
implementation chooses to only implement DSA, or some government's
proprietary (or even secret) signature and/or key exchange algorithm, will
the Internet police descend upon them and drag them off to some Dragon
David P. Kemp wrote:
> As an employee of a government which until recently tried to make
> DSA mandatory, I believe that is the wrong approach.
> Speaking from experience, I doubt that the regulatory approach of
> mandating *any* algorithm set will accelerate that process. I
> recommend that PKIX profile the use of RSA, DSA, and EDSA, but not
> make any of them a MUST-implement.