Re: Question about MDC Packets

Adam Back <adam@cypherspace.org> Thu, 22 August 2002 18:30 UTC

Received: from above.proper.com (mail.proper.com [208.184.76.45]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA05693 for <openpgp-archive@lists.ietf.org>; Thu, 22 Aug 2002 14:30:22 -0400 (EDT)
Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id g7MINOD16586 for ietf-openpgp-bks; Thu, 22 Aug 2002 11:23:24 -0700 (PDT)
Received: from mercury.ex.ac.uk (mercury.ex.ac.uk [144.173.6.26]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g7MINN216581 for <ietf-openpgp@imc.org>; Thu, 22 Aug 2002 11:23:23 -0700 (PDT)
Received: from cronus ([144.173.6.20] helo=cronus.ex.ac.uk) by mercury.ex.ac.uk with esmtp (Exim 3.33 #1) id 17hwbx-002wiv-00; Thu, 22 Aug 2002 19:23:13 +0100
Date: Thu, 22 Aug 2002 19:23:13 +0100
From: Adam Back <adam@cypherspace.org>
To: OpenPGP <ietf-openpgp@imc.org>
Cc: Adam Back <adam@cypherspace.org>
Subject: Re: Question about MDC Packets
Message-ID: <20020822192313.A1103939@exeter.ac.uk>
References: <Pine.LNX.4.30.QNWS.0208212242350.30128-100000@thetis.deor.org> <20020822173214.GG725@akamai.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.2i
In-Reply-To: <20020822173214.GG725@akamai.com>; from dshaw@jabberwocky.com on Thu, Aug 22, 2002 at 01:32:14PM -0400
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>

Wasn't this discussed at some point in the past and the suggestion
made that all 128 bit block ciphers use MDC as they were introduced at
roughly the same time.

That leaves the hushmail problem.  But due to their software
architecture presumably forced software upgrades are easy.  (Just
publish new java code, the fact that the cached code is more recent on
the server takes care of the rest.)  Any other implementations
ignoring this rule?

I'm guessing this discussed rule never made it into the spec.  (We
have a general issue with over laxness on compatibility issues -- as
long as it's possible in theory to interoperate, the concencus in the
past has seemed to be to stop there.)

All implementations MUST use MDC with > 64 bit block cipher algorithms
(such as AES).

Adam

On Thu, Aug 22, 2002 at 01:32:14PM -0400, David Shaw wrote:
> Seems to me that the draft already states that *all* implementations
> SHOULD be able to handle MDC packets, regardless of cipher ("An
> implementation SHOULD prefer this to the older Symmetrically Encrypted
> Data Packet when possible.").
> 
> The question is really what to do to determine when it is
> "possible". ;)