Re: [openpgp] Hybrid proposal for algorithm identifiers

Christoph Anton Mitterer <calestyo@scientia.net> Tue, 24 March 2015 23:51 UTC

Message-ID: <1427241081.10191.348.camel@scientia.net>
From: Christoph Anton Mitterer <calestyo@scientia.net>
To: openpgp@ietf.org
Date: Wed, 25 Mar 2015 00:51:21 +0100
In-Reply-To: <5511F096.7000404@iang.org>
References: <644FDE72-CB1A-4EBE-9309-B429860A360D@gmail.com> <5511F096.7000404@iang.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/eqvLNGfcBoG77sJFjCGd_zaTAk4>

On Tue, 2015-03-24 at 23:17 +0000, ianG wrote: 
> On the left, 
> there are the pluralists
So pluralists are left-wing?! ;-P

Seriously, being one of the "pluralists", let me perhaps clarify this a
bit:

I don't think that the standard should necessarily standardise 20 algos
for each type and make 10 of them mandatory.

- It should rather come with a few defined, perhaps at most 3 (per type)
  mandatory.
- It should be easy to extend it and the community should be open enough
  to at least not put unnecessary obstacles in the way of such
  extensions.
  (E.g. I remember that quite often some people would have liked to see
  Serpent supported - the first thing was always like "do we really want
  that and would we even support that").
  In the end, the implementations should decide which further algos are
  actually implemented, but even here, being a "pluralist" :D (I kinda
  like that ^^) I'd rather wish for a culture of accepting things, if
  a proper implementation is provided and there are no security
  concerns.
  E.g. if the Japanese really want their CAMELLIA or the Russians their
  GOST and if they provide a clean implementation and the algorithms
  aren't known to be severely flawed, I'd hope that Werner accepts these
  in gnupg.
  However, whether he enables them per default for outgoing stuff,
  respectively whether he adds a warning about their use or perhaps
  requires a special parameter to enable/trust them... that would IMHO
  be totally up to him.
- It should be rather simple to change the mandatory algos in the
  standard.
  I mean we still list 3DES, while in reality it's probably AES.


Cheers,
Chris.