We are facing this issue in other security-related WGs (S/MIME, PKIX, IPsec, and TLS jump to mind). The WGs have selected mandatory-to-implement algorithms. This has been done by each working group using criteria that were developed by the participants in that WG -- just like we see happening here. This group needs to decide if the various communities that have chosen to follow FIPS 140 constitute a big enough portion of the market to warrant a SHOULD. Also, other security-related WGs have permitted other algorithms to be used in order to meet requirements of specific countries and communities. As long as a protocol is algorithm independent and we select a strong mandatory-to-implement algorithm, I think we are doing our job.
Russ

At 10:53 AM 2/6/2007, Spencer Dawkins wrote:
Hi, Dan (Wing),

I'm not trying to channel Dan (York), but I did understand his concern as being that other countries that don't use FIPS-140 might reasonably ask "hey, what about OUR mechanism?"

Not that FIPS-140 is evil or weak, just that calling it out may lead to requests that we call out other standards, too.

Thanks,

Spencer

There's also the wee little detail that FIPS is only a US government standard (although various other countries do follow it).

Yes, FIPS-140 is a US Government standard, but I don't understand the concern. For example, FIPS-140, today, allows a module that implements IPsec to pass FIPS certification; this does not mean IPsec is somehow evil or has weak security.