I'm saying some standards body is appropriate for validating/vetting algorithms, and having a standards body advocate for known reasonable ones is... reasonable and desirable.
That NIST has a history of being compromised by the NSA (and other standards bodies would likely similarly be a target), is a problem. But having everyone 'figure it out' on their own is even worse. 'hand a drunk monkey a loaded submachine gun' worse.
> That NIST has a history of being compromised by the NSA is a problem.
It's a disqualifying problem. If you go to a standards body to prevent yourself from making unintentional mistakes, and they have introduced intentional mistakes, any other reasonable option is better.
Personally I'm of the opinion that everyone is expecting the NSA to try now, so the odds of them pulling it off are essentially zero (same with other actors) at NIST.
If you specialize as a cat burglar after all, hitting the ONE PLACE everyone expects you to hit while they're watching goes against the grain.
More likely they're suborning us somewhere else. But hard to say for sure.
I'm saying some standards body is appropriate for validating/vetting algorithms, and having a standards body advocate for known reasonable ones is... reasonable and desirable.
That NIST has a history of being compromised by the NSA (and other standards bodies would likely similarly be a target), is a problem. But having everyone 'figure it out' on their own is even worse. 'hand a drunk monkey a loaded submachine gun' worse.