Re: Mandatory Algorithm Changes?
Ian G <iang@systemics.com> Tue, 08 February 2005 21:39 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA28568 for <openpgp-archive@lists.ietf.org>; Tue, 8 Feb 2005 16:39:54 -0500 (EST)
Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j18LN2YW039697; Tue, 8 Feb 2005 13:23:02 -0800 (PST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id j18LN2eN039696; Tue, 8 Feb 2005 13:23:02 -0800 (PST)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from www.enhyper.com (mailgate.enhyper.com [62.49.250.18]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j18LMuTE039686 for <ietf-openpgp@imc.org>; Tue, 8 Feb 2005 13:23:01 -0800 (PST) (envelope-from iang@systemics.com)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by www.enhyper.com (8.11.6/8.11.6) with SMTP id j18MMYr10548 for <ietf-openpgp@imc.org>; Tue, 8 Feb 2005 22:22:44 GMT
X-Authentication-Warning: www.enhyper.com: localhost.localdomain [127.0.0.1] didn't use HELO protocol
Message-ID: <42092EC2.9040501@systemics.com>
Date: Tue, 08 Feb 2005 21:27:30 +0000
From: Ian G <iang@systemics.com>
Organization: http://financialcryptography.com/
User-Agent: Mozilla Thunderbird 1.0 (X11/20050108)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: ietf-openpgp@imc.org
Subject: Re: Mandatory Algorithm Changes?
References: <20050208194442.F2C6A57E2A@finney.org>
In-Reply-To: <20050208194442.F2C6A57E2A@finney.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 7bit
I agree that switching from SHA1 to SHA256 seems
like a move without clear basis, given the results
from that last conference. I think we just have to
sit it out and see what happens.
As far as AES is concerned, I'm less definately for
or against ;)
I can't see a problem directly with making it a must,
as we are now at the point where TDES is "ok if
you have to but we'd rather you didn't." (The
comments by Steve Bellovin last week were new
for me at least.)
If both of the major OpenPGP implementations
already support it, is there any reason to doubt
the little guys will follow along eventually?
(I agree it should be AES128 that should be the
must, if it is going that way...)
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
- Mandatory Algorithm Changes? Jon Callas
- Re: Mandatory Algorithm Changes? Werner Koch
- Re: Mandatory Algorithm Changes? David Shaw
- Re: Mandatory Algorithm Changes? "Hal Finney"
- Re: Mandatory Algorithm Changes? Edwin Woudt
- Re: Mandatory Algorithm Changes? Ian G
- Re: Mandatory Algorithm Changes? Werner Koch
- Re: Mandatory Algorithm Changes? Ian G
- Re: Mandatory Algorithm Changes? Jon Callas
- Re: Mandatory Algorithm Changes? Ben Laurie
- Re: Mandatory Algorithm Changes? Ben Laurie
- Re: Mandatory Algorithm Changes? Werner Koch
- Re: Mandatory Algorithm Changes? Ben Laurie
- Re: Mandatory Algorithm Changes? Werner Koch