We are facing this issue in other security-related WGs (S/MIME, PKIX,
IPsec, and TLS jump to mind). The WGs have selected
mandatory-to-implement algorithms. This has been done by each
working group using criteria that were developed by the participants
in that WG -- just like we see happening here. This group needs to
decide if the various communities that have chosen to follow FIPS 140
constitute a big enough portion of the market to warrant a SHOULD.
Also, other security-related WGs have permitted other algorithms
to be used in order to meet requirements of specific countries and
communities. As long as a protocol is algorithm independent and we
select a strong mandatory-to-implement algorithm, I think we are doing our job.
Russ
At 10:53 AM 2/6/2007, Spencer Dawkins wrote:
>Hi, Dan (Wing),
>
>I'm not trying to channel Dan (York), but I did understand his
>concern as being that other countries that don't use FIPS-140 might
>reasonably ask "hey, what about OUR mechanism?"
>
>Not that FIPS-140 is evil or weak, just that calling it out may lead
>to requests that we call out other standards, too.
>
>Thanks,
>
>Spencer
>
>>>There's also the wee little detail that
>>>FIPS is only a US government standard (although various other
>>>countries do follow it).
>>
>>Yes, FIPS-140 is a US Government standard, but I don't
>>understand the concern. For example, FIPS-140, today, allows
>>a module that implements IPsec to pass FIPS certification; this
>>does not mean IPsec is somehow evil or has weak security.
>
>