Re: [openpgp] Regulation of algo deprecation

Aaron Zauner <> Wed, 04 November 2015 00:00 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id C6F831B3646 for <>; Tue, 3 Nov 2015 16:00:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.4
X-Spam-Status: No, score=-1.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, J_CHICKENPOX_52=0.6] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id CjJqMCsMmMPf for <>; Tue, 3 Nov 2015 16:00:16 -0800 (PST)
Received: from ( [IPv6:2a00:1450:400c:c05::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id BBF6D1B3645 for <>; Tue, 3 Nov 2015 16:00:15 -0800 (PST)
Received: by wijp11 with SMTP id p11so82178281wij.0 for <>; Tue, 03 Nov 2015 16:00:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=gmail; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type; bh=UKCBqv0JGKdYFHy2bECcTvDju/qnsS3XIVU0TInj/dE=; b=Vhrt2FH+bVJwL9Q2ujDzhRAzRAmIy2Me4LWsJO09EdWt7ZcRpBvuctB+FGnN98+f4x UDae77VYgOW6l/UMrC4+SlBCB7x/Zp1OdN8u7kgu2HPsOyNhu3WzH7xl3sC3hk9d9a1M wvADgzt3yXrZ2KkYkxU6+/vgxvjhjmtuyRQ7E=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-type; bh=UKCBqv0JGKdYFHy2bECcTvDju/qnsS3XIVU0TInj/dE=; b=fHYxC0m79+BSjlAt+iNXQnomQw4JqJR1sMoCm/21FJdLj4GEvY4tDS5mVMA40MhHtc Hbag5iMlSI/nNW8SDuMV2Hbd+KsY8PN1JORz3aFlT6qTwxTwBrkEFfRgjotCqtkbpQAL Gfs1OKK546zStf/uyLbIRtaogjPn4z5LJnBtkfZLxhHGudir8ms09oWfB5QdlSABkJtm 7A9+Xd7eh+pPSf4gDqww7xAKMn+efbq/T6alpZK14ECRKuFLqNqDVOLb2wpn9ysADkov 4tt2UvYWWW617PwVkSbU3/YPFaVUZVu4vx5reMwY0vmTJYoYB/A10lzHsnrUJ1Dnl7mF PqqQ==
X-Gm-Message-State: ALoCoQkgDku3oYwlYNR2esCfNdajA8bmDjknTcmPUiIC0lYNglVz93cmNbFuw4tNg4vJ98RJPSoy
X-Received: by with SMTP id o20mr38091180wjq.73.1446595214348; Tue, 03 Nov 2015 16:00:14 -0800 (PST)
Received: from [] ( []) by with ESMTPSA id ee5sm30018495wjd.17.2015. (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 03 Nov 2015 16:00:13 -0800 (PST)
Message-ID: <>
Date: Wed, 04 Nov 2015 01:00:10 +0100
From: Aaron Zauner <>
User-Agent: Postbox 3.0.11 (Macintosh/20140602)
MIME-Version: 1.0
To: Nils Durner <>
References: <>
In-Reply-To: <>
X-Enigmail-Version: 1.2.3
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig3534421EC3CBF1288A06038A"
Archived-At: <>
Cc: "" <>
Subject: Re: [openpgp] Regulation of algo deprecation
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 04 Nov 2015 00:00:17 -0000


Sorry due to time constraints I wasn't able to remotely participate in
the OpenPGP session. I've read the minutes, not sure if I got everything
from that though.

So my impression is that GnuPG / OpenPGP current support far to many
possible algorithm choices. We should really limit that. For novice
users it's not easy to get this right and there're only a few places on
the internet that provide a solid default config (e.g. riseup - though
I've modified their settings for personal use). The real problem with
PGP is that not a lot of people use it and adding tons of curves or
algorithms doesn't seem the right way to go. Maybe this has already been
discussed previously and I didn't notice - if so, I'd be happy for a
pointer to the relevant thread.

CFRG recently recommended Curve25519 (or whatever nomenclature is
currently en vouge), so why bother with Brainpool at all?