IETF Logo Mail Archive

Re: SERPENT in OpenPGP?

Werner Koch <wk@gnupg.org> Fri, 27 August 2010 11:40 UTC

Received: from hoffman.proper.com (localhost [127.0.0.1]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id o7RBeBZm088802 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 27 Aug 2010 04:40:11 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by hoffman.proper.com (8.14.4/8.13.5/Submit) id o7RBeB9T088801; Fri, 27 Aug 2010 04:40:11 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
X-Authentication-Warning: hoffman.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [217.69.77.222]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id o7RBe9PZ088796 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NO) for <ietf-openpgp@imc.org>; Fri, 27 Aug 2010 04:40:11 -0700 (MST) (envelope-from wk@gnupg.org)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.69 #1 (Debian)) id 1OoxI0-0000pJ-Tx for <ietf-openpgp@imc.org>; Fri, 27 Aug 2010 13:40:08 +0200
Received: from wk by vigenere.g10code.de with local (Exim 4.69 #1 (Debian)) id 1OoxGl-0002Jh-GZ; Fri, 27 Aug 2010 13:38:51 +0200
From: Werner Koch <wk@gnupg.org>
To: Christoph Anton Mitterer <calestyo@scientia.net>
Cc: OpenPGP Working Group <ietf-openpgp@imc.org>
Subject: Re: SERPENT in OpenPGP?
References: <1282856536.11340.29.camel@fermat.scientia.net> <3C0E8216-05E0-4E92-BC30-9B63CAEADF59@callas.org> <1282862498.18783.20.camel@fermat.scientia.net> <4C7761F4.1050507@iang.org> <67fb91a3317482de5850fca61bf8dac4@imap.dd24.net>
Organisation: g10 Code GmbH
OpenPGP: id=5B0358A2; url=finger:wk@g10code.com
Date: Fri, 27 Aug 2010 13:38:51 +0200
In-Reply-To: <67fb91a3317482de5850fca61bf8dac4@imap.dd24.net> (Christoph Anton Mitterer's message of "Fri, 27 Aug 2010 10:37:30 +0000")
Message-ID: <87vd6wl1ys.fsf@vigenere.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>

On Fri, 27 Aug 2010 12:37, calestyo@scientia.net said:

> Ok all true,.. but again,.. as far as I understand the system...
> preferences and the least required algorithms should solve all this.
> Even for those implementations of OpenPGP which don't support the
> bleeding-edge.

This is true as long as you use the same implementaion.  As soon as you
switch your computing environment things get complicated.  Maybe you
decide to continue work on a mainframe and over there you don't have an
implementation of Twofish - you would need to re-encrypt all your mails
and documents to one of the MUST algorithms.  I know folks insisting on
IDEA because they don't wont to re-encrypt their PGP 2 created data.

> And I don't mean (of course) the semantics behind our PKI (which I
> consider far superior to the X509 PKI), but also the technical stuff like

Just for the records: OpenPGP does not define or require a PKI - for a
good reason.  There are mereley features in the protocol which allow to
build all kinds of infrastructure on top of it.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

v2.23.0 | Report a Bug | By Email