Re: SERPENT in OpenPGP?

Jon Callas <jon@callas.org> Fri, 27 August 2010 17:51 UTC

To: Christoph Anton Mitterer <calestyo@scientia.net>
Cc: Jon Callas <jon@callas.org>, ietf-openpgp@imc.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'll be just a bit softer than Werner. The obstacle to your suggestion is adoption. You can write a document, push it through the IETF, and then you have Serpent in OpenPGP. However, it's unlikely that many implementations would put it in, for all the reasons people have said here. It would be little more than your name on an RFC if no one codes it up.

On the other hand, so what? Your name on an RFC is a resume-builder. And you could code it up yourself. If a real break comes to AES, you could end up looking prescient.

OpenPGP is designed to be welcoming to new algorithms -- all you need is a new algorithm number, really. But it's also designed to have easy rejection of algorithms that individuals or the community don't like. The algorithm preferences and negotiation ensure that no sender can ram something down a receiver's throat.

The upshot of this is that if *you* want to use Serpent and some new compression algorithm and other things, you can. But if you want *us* to do it too, then you have to convince us. OpenPGP is both a welcoming community and a balkanized collection of cliques. One of the very clever things we did was to be able to be both at the same time.

	Jon


-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 2.10.0 (Build 554)
Charset: us-ascii

wj8DBQFMd/mtsTedWZOD3gYRAgSAAJ98lpNoTK9ikEZRXmtvQt2Og4gx+gCeKDyx
S1MEpI4VrXQwyo9HqZS5Ko4=
=IOfu
-----END PGP SIGNATURE-----
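
The preference mechanism the message refers to, sketched as an added example that is not part of the original post or of any OpenPGP implementation. It follows RFC 4880 (symmetric algorithm IDs from section 9.2, and TripleDES treated as implicitly last in every preference list per section 13.2). Assumptions: Serpent has no assigned ID, so 100 from the private/experimental range 100-110 stands in for it; the function names and the ranking policy among mutually acceptable ciphers are hypothetical choices.

```python
from typing import Iterable, Sequence

# Symmetric algorithm IDs from RFC 4880 section 9.2.
TRIPLE_DES, CAST5, AES128, AES256, TWOFISH = 2, 3, 7, 9, 10
# Assumption: stand-in for Serpent, taken from the private/experimental
# range 100-110. No Serpent ID is assigned.
SERPENT_PRIVATE = 100


def effective_prefs(prefs: Sequence[int]) -> list[int]:
    """A recipient's preference list with the implicit TripleDES entry.

    TripleDES is MUST-implement, so a list that omits it is treated as
    having it at the end.
    """
    ordered = list(dict.fromkeys(prefs))  # drop duplicates, keep order
    if TRIPLE_DES not in ordered:
        ordered.append(TRIPLE_DES)
    return ordered


def choose_cipher(sender_supported: Iterable[int],
                  recipient_prefs: Sequence[Sequence[int]]) -> int:
    """Pick a cipher the sender implements and every recipient lists.

    The sender may not use an algorithm missing from any recipient's
    list, so one recipient who omits SERPENT_PRIVATE vetoes it for the
    whole message. TripleDES is always a candidate, so a result exists.
    """
    if not recipient_prefs:
        raise ValueError("at least one recipient is required")
    lists = [effective_prefs(p) for p in recipient_prefs]
    candidates = set(sender_supported) | {TRIPLE_DES}
    for prefs in lists:
        candidates &= set(prefs)

    def rank(alg: int) -> tuple[int, int, int]:
        # Hypothetical policy: best worst-case position, then best total.
        positions = [prefs.index(alg) for prefs in lists]
        return (max(positions), sum(positions), alg)

    return min(candidates, key=rank)


# Constructed sample: a sender that implements the stand-in Serpent ID.
SENDER = [SERPENT_PRIVATE, AES256, AES128, TRIPLE_DES]
```
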