Re: Fixing the secret keys, and a small apology
"Michael Young" <mwy-opgp97@the-youngs.org> Wed, 05 September 2001 16:05 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA09225 for <openpgp-archive@odin.ietf.org>; Wed, 5 Sep 2001 12:05:51 -0400 (EDT)
Received: by above.proper.com (8.11.6/8.11.3) id f85For127580 for ietf-openpgp-bks; Wed, 5 Sep 2001 08:50:53 -0700 (PDT)
Received: from xfw.transarc.ibm.com (xfw.transarc.ibm.com [192.54.226.51]) by above.proper.com (8.11.6/8.11.3) with ESMTP id f85FopD27575 for <ietf-openpgp@imc.org>; Wed, 5 Sep 2001 08:50:52 -0700 (PDT)
Received: from mailhost.transarc.ibm.com (mailhost.transarc.ibm.com [9.38.192.124]) by xfw.transarc.ibm.com (AIX4.3/UCB 8.7/8.7) with ESMTP id LAA44912 for <ietf-openpgp@imc.org>; Wed, 5 Sep 2001 11:42:57 -0400 (EDT)
Received: from mwyoung (dhcp-195-50.transarc.ibm.com [9.38.195.250]) by mailhost.transarc.ibm.com (8.8.0/8.8.0) with SMTP id LAA25321 for <ietf-openpgp@imc.org>; Wed, 5 Sep 2001 11:50:47 -0400 (EDT)
Message-ID: <002a01c13622$3ec3eca0$fac32609@transarc.ibm.com>
From: Michael Young <mwy-opgp97@the-youngs.org>
To: ietf-openpgp@imc.org
References: <p05100309b7baf2e20a43@[192.168.1.180]> <tgae09ztfo.fsf@mercury.rus.uni-stuttgart.de>
Subject: Re: Fixing the secret keys, and a small apology
Date: Wed, 05 Sep 2001 11:48:44 -0400
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNED MESSAGE----- From: "Florian Weimer" <Florian.Weimer@RUS.Uni-Stuttgart.DE> > Jon Callas <jon@callas.org> writes: > > there, then they can't use algorithm 254. However, not only is using a > > cipher algorithm deprecated, but our present max cipher number is 10. > > This is not quite correct, the numbers 100 to 110 are already > assigned, too, technically speaking. However, 254 was never an But, as Jon pointed out, any use of a cipher algorithm number here is deprecated. In fact, the String-to-Key section has the following commentary already. Note the explicit mention of IDEA. [2440bis-03, section 3.7.2.1]: > This last possibility, the cipher algorithm number with an implicit > use of MD5 and IDEA, is provided for backward compatibility; it MAY > be understood, but SHOULD NOT be generated, and is deprecated. I'd be perfectly happy strengthening this to "MUST NOT be generated for algorithms outside the ranges 1-10 and 100-110" (or just IDEA). -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.3 iQEVAwUBO5ZGC2NDnIII+QUHAQGSxAf+P/ZbGOKHeRIXE/ikZq0SI5BNBvfTXta0 A8+MoeBRMvSyHWXz1csiaL/N9R/jsGAMlzjOYoTHRqi1ZvcRRaY2VrPoSyQfn+tF k3V4EpsZq9b/dMtlPkHuuK5wx3kOhXQXSfciH+qZJl49MW/XBOTzKzQZFC98GRUu hdZKkVGzEtUMlsnAB9JOaC5NmgCLSJi/rs/K81qsyvKXamazx5woqi+sCbI1XXyw oJqkSIXKu+PfzbbIqe3fbemG9s/OrhZuEZucGWSEJG/GsCvjePEDZ1+VuGxCnUlp zeHiDoovt5yC+n4WDq9H0sH9BmgHNh2rXA3G/fCMs/qBstrhh8Equg== =1wOR -----END PGP SIGNATURE-----
- Fixing the secret keys, and a small apology Jon Callas
- Re: Fixing the secret keys, and a small apology Michael Young
- Identifying revoked certificates Michael Young
- Re: Fixing the secret keys, and a small apology Florian Weimer
- Re: Fixing the secret keys, and a small apology Werner Koch
- Re: Fixing the secret keys, and a small apology Michael Young
- Re: Fixing the secret keys, and a small apology Michael Young
- Re: Fixing the secret keys, and a small apology Werner Koch
- Re: Fixing the secret keys, and a small apology Jon Callas
- Re: Identifying revoked certificates Jon Callas
- Re: Identifying revoked certificates David Shaw
- Re: Identifying revoked certificates Michael Young
- Re: Identifying revoked certificates Jon Callas
- Re: Identifying revoked certificates Jon Callas
- Re: Identifying revoked certificates Michael Young
- Re: Identifying revoked certificates Werner Koch
- Re: Identifying revoked certificates Michael Young
- Re: Identifying revoked certificates Werner Koch