Re: [openpgp] Default preferences for the future

"Mark D. Baushke" <mdb@juniper.net> Mon, 20 March 2017 23:15 UTC

To: Ryru <ryru@addere.ch>
CC: openpgp@ietf.org
In-Reply-To: <3b89c96a-0bb6-cd09-cbf7-1f9e26f04bd6@addere.ch>
References: <3b89c96a-0bb6-cd09-cbf7-1f9e26f04bd6@addere.ch>
Comments: In-reply-to: Ryru <ryru@addere.ch> message dated "Mon, 20 Mar 2017 23:11:00 +0100."
From: "Mark D. Baushke" <mdb@juniper.net>
Date: Mon, 20 Mar 2017 16:14:54 -0700
Message-ID: <52027.1490051694@eng-mail01.juniper.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/jKZ-a7KwPWHaNLlX24rWSCQjUKE>

As an editorial remark, it would be nice if rfc4880bis were to use
a consistent representation for the secure hash algorithm families.
SHA1 is sometimes written as SHA1 and sometimes written as SHA-1.

I will also note that "SHA224" "SHA256" "SHA384" "SHA512" "SHA-224"
"SHA-256" "SHA-384" and "SHA-512" might want to be more completely
specified as members of the SHA-2 family [FIPS180] by using the tag
"SHA2-224" "SHA2-256" "SHA2-384" and "SHA2-512" as the algorithm name in
section 9.5 as compared with members of the SHA-3 [FIPS202] family of
algorithms: SHA3-224, SHA3-256, SHA3-384, SHA3-512 (noting that the
SHA-3 family are NOT YET a part of rfc4880bis).

https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-01

Suggested update to section 9.3:
----------%<----------%<----------%<----------%<----------%<----------
9.3.  {9.2} Symmetric-Key Algorithms

       +-----------+-----------------------------------------------+
       |        ID | Algorithm                                     |
       +-----------+-----------------------------------------------+
       |         0 | Plaintext or unencrypted data                 |
       |         1 | IDEA [IDEA]                                   |
       |         2 | TripleDES (DES-EDE, [SCHNEIER] [HAC]          |
       |           | - 168 bit key derived from 192)               |
       |         3 | CAST5 (128 bit key, as per [RFC2144])         |
       |         4 | Blowfish (128 bit key, 16 rounds) [BLOWFISH]  |
       |         5 | Reserved                                      |
       |         6 | Reserved                                      |
       |         7 | AES with 128-bit key [AES]                    |
       |         8 | AES with 192-bit key                          |
       |         9 | AES with 256-bit key                          |
       |        10 | Twofish with 256-bit key [TWOFISH]            |
       |        11 | Camellia with 128-bit key [RFC3713]           |
       |        12 | Camellia with 192-bit key                     |
       |        13 | Camellia with 256-bit key                     |
       |  100--110 | Private/Experimental algorithm                |
       +-----------+-----------------------------------------------+

   Implementations SHOULD implement TripleDES.  Implementations MUST
   implement AES-128.  Implementations MAY implement CAST5.
   Implementations that interoperate with PGP 2.6 or earlier need to
   support IDEA, as that is the only symmetric cipher those versions
   use. Implementations MAY implement any other algorithm.

----------%<----------%<----------%<----------%<----------%<----------

and suggested update to section 9.5:

----------%<----------%<----------%<----------%<----------%<----------
9.5.  {9.4} Hash Algorithms

      +-----------+---------------------------------+--------------+
      |        ID | Algorithm                       | Text Name    |
      +-----------+---------------------------------+--------------+
      |         1 | MD5 [HAC]                       | "MD5"        |
      |         2 | SHA-1 [FIPS180]                 | "SHA1"       |
      |         3 | RIPE-MD/160 [HAC]               | "RIPEMD160"  |
      |         4 | Reserved                        |              |
      |         5 | Reserved                        |              |
      |         6 | Reserved                        |              |
      |         7 | Reserved                        |              |
      |         8 | SHA2-256 [FIPS180]              | "SHA256"     |
      |         9 | SHA2-384 [FIPS180]              | "SHA384"     |
      |        10 | SHA2-512 [FIPS180]              | "SHA512"     |
      |        11 | SHA2-224 [FIPS180]              | "SHA224"     |
      |  100--110 | Private/Experimental algorithm  |              |
      +-----------+---------------------------------+--------------+

   Implementations SHOULD implement SHA-1.  Implementations MUST
   implement SHA256. Implementations MAY implement other algorithms.
   MD5 and RIPE-MD/160 are deprecated.

----------%<----------%<----------%<----------%<----------%<----------


Plus changes to 14.3.2:
----------%<----------%<----------%<----------%<----------%<----------
14.3.2.  {13.3.2} Hash Algorithm Preferences

   Typically, the choice of a hash algorithm is something the signer
   does, rather than the verifier, because a signer rarely knows who is
   going to be verifying the signature.  This preference, though, allows
   a protocol based upon digital signatures ease in negotiation.

   Thus, if Alice is authenticating herself to Bob with a signature, it
   makes sense for her to use a hash algorithm that Bob's software uses.
   This preference allows Bob to state in his key which algorithms Alice
   may use.

   Since SHA256 is the MUST-implement hash algorithm, if it is not
   explicitly in the list, it is tacitly at the end.  However, it is
   good form to place it there explicitly.

----------%<----------%<----------%<----------%<----------%<----------

	-- Mark
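
Added example (not part of the original message or of rfc4880bis): a sketch of how a signer could apply the section 14.3.2 rule quoted above, using the IDs and text names from the proposed 9.5 table. The function names and the default policy of skipping the deprecated algorithms are assumptions of this example.

```python
# Hash algorithm IDs and text names, from the proposed section 9.5 table.
HASH_NAMES = {
    1: "MD5", 2: "SHA1", 3: "RIPEMD160",
    8: "SHA256", 9: "SHA384", 10: "SHA512", 11: "SHA224",
}
MUST_IMPLEMENT = 8    # SHA256 in the proposed text
DEPRECATED = {1, 3}   # MD5 and RIPE-MD/160 in the proposed text


def effective_preferences(pref_octets):
    """Return the recipient's ordered preference list (one octet per
    algorithm ID), de-duplicated, with the MUST-implement algorithm
    tacitly appended when the key does not list it."""
    ordered = []
    for alg in pref_octets:
        if alg not in ordered:
            ordered.append(alg)
    if MUST_IMPLEMENT not in ordered:
        ordered.append(MUST_IMPLEMENT)
    return ordered


def choose_hash(pref_octets, signer_supported, allow_deprecated=False):
    """Pick the first algorithm in the recipient's preference order that
    the signer also supports. Reserved, private and unknown IDs are
    ignored. Skipping deprecated algorithms by default is a local policy
    assumed for this example, not a rule stated in the draft."""
    for alg in effective_preferences(pref_octets):
        if alg not in HASH_NAMES:
            continue  # reserved (4-7), private (100-110) or unknown
        if alg in DEPRECATED and not allow_deprecated:
            continue
        if alg in signer_supported:
            return alg
    raise ValueError("no common hash algorithm; signer lacks SHA256?")


if __name__ == "__main__":
    # Constructed sample: Bob's key lists only MD5 and RIPE-MD/160.
    bobs_prefs = bytes([1, 3])
    alice_supports = {1, 2, 3, 8, 10}
    chosen = choose_hash(bobs_prefs, alice_supports)
    print(HASH_NAMES[chosen])
```
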