Re: ASN.1 OID for TIGER/192

Derek Atkins <derek@ihtfp.com> Mon, 30 September 2002 17:31 UTC

Received: from above.proper.com (mail.proper.com [208.184.76.45]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA13905 for <openpgp-archive@lists.ietf.org>; Mon, 30 Sep 2002 13:31:10 -0400 (EDT)
Received: (from majordomo@localhost) by above.proper.com (8.11.6/8.11.3) id g8UHJun01377 for ietf-openpgp-bks; Mon, 30 Sep 2002 10:19:56 -0700 (PDT)
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.7.7.76]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g8UHJtv01372 for <ietf-openpgp@imc.org>; Mon, 30 Sep 2002 10:19:55 -0700 (PDT)
Received: from central-city-carrier-station.mit.edu (CENTRAL-CITY-CARRIER-STATION.MIT.EDU [18.7.7.72]) by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id NAA16707; Mon, 30 Sep 2002 13:19:56 -0400 (EDT)
Received: from melbourne-city-street.mit.edu (MELBOURNE-CITY-STREET.MIT.EDU [18.7.21.86]) by central-city-carrier-station.mit.edu (8.9.2/8.9.2) with ESMTP id NAA12420; Mon, 30 Sep 2002 13:17:08 -0400 (EDT)
Received: from kikki.mit.edu (KIKKI.MIT.EDU [18.18.1.142]) by melbourne-city-street.mit.edu (8.9.2/8.9.2) with ESMTP id NAA18525; Mon, 30 Sep 2002 13:17:08 -0400 (EDT)
Received: (from warlord@localhost) by kikki.mit.edu (8.9.3) id NAA00193; Mon, 30 Sep 2002 13:17:08 -0400 (EDT)
To: David Shaw <dshaw@jabberwocky.com>
Cc: ietf-openpgp@imc.org
From: Derek Atkins <derek@ihtfp.com>
Subject: Re: ASN.1 OID for TIGER/192
References: <20020927125550.GA14033@akamai.com> <20020927155054.GB17939@stonewall> <20020930165517.GE1682@akamai.com>
Date: 30 Sep 2002 13:17:08 -0400
In-Reply-To: <20020930165517.GE1682@akamai.com>
Message-ID: <sjmy99j8kiz.fsf@kikki.mit.edu>
Lines: 21
User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>

David Shaw <dshaw@jabberwocky.com>; writes:

> I'm not for or against using TIGER in OpenPGP, but my feeling is that
> if we are going to include TIGER, then we should do it intentionally,
> with all due care taken.

At some level, too many ciphers can spoil the security-system...  Not
that I'm saying TIGER is insecure, but at some level you need to limit
the posibilities for real-world interoperation.

Also note that reserving a number for TIGER but _not_ putting it into
the standard is different than actually calling TIGER a required cipher.

> David

-derek

-- 
       Derek Atkins
       Computer and Internet Security Consultant
       derek@ihtfp.com             www.ihtfp.com