[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NIST GAK export meeting, short version

>_do control_. They hope that the pain of having multiple versions will be
>so high that no vendor will bother, and all we'll have is crippled

>I think that the real key is for everyone, worldwide to insist on
>both strong crypto and interoperability.

Anything that uses cryptography absolutely and positively *must* support
multiple cryptographic protocols.  Tag every RPC, transaction, method
invocation, what-have-you with some indicator that indicates not only
"encrypted" but "encrypted via method 2".  Allow customers to specify
policy, at least via an environment variable such as
where the online documentation says
	1 = 512bit RSA
	2 = 256bit RSA
	4 = Rot 13

Design open, extensible architectures with public registries and protocol