| Why was (single) DES chosen as the algorithm for the ESP part of IPSEC?
Because people were going completely nuts about mandating something not easily specifiable at all. DES was an easier case to make than 3DES.
So, in order to ship sooner rather than later, DES was chosen. 3DES will probably be available soon afterwards.
Shipping is irrelevant. Perry is busily coding 3DES support into NetBSD. Once it's in the BSD network stack, it will spread everywhere. Presumably, someone will implement it outside the US as well. As Perry put it succinctly at a recent IETF meeting, people will not necessarily use what is mandated. They will use what is available. If 3DES is in the freely available reference implementation (which it will be), and it performs adequately, that is what will get used.

Marc