Re: [TLS] Status of IDEA

[Martin Rex <Martin.Rex at sap.com>]

Pasi.Eronen at nokia.com wrote:
> 
> IMHO "MUST NOT" is totally inappropriate mechanism for conveying
> opinions about the amount and/or quality of security reviews done for 
> some particular algorithm. (RFC 2119 also gives guidance that MUSTs 
> must be used sparingly.)

I also think that "MUST NOT implement" for IDEA ciphersuites is entirely
inappropriate.  Lacking a convincing reason, I believe that even
"MUST NOT negotiate for TLS v1.2" for the IDEA ciphersuites would
be inappropriate.

> 
> While most folks will indeed prefer AES over anything else, the
> reasons why people prefer one algorithm over another vary. E.g.,
> presumably more people have looked at AES than Camellia (RFC 4132) 
> or SEED (RFC 4162), but some folks may be perfectly happy with
> the reviews those latter two have received (and may have other
> reasons for preferring them).

There are many more crypto algorithms that are uncommon (Gost, CAST,
*fish and other participants of the AES contest.  Reasons for their
use in certain environments are manyfold, including legacy, licensing
and political.  I can not see a compelling reason why IDEA should
be treated any different than the others.


-Martin


_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls