Re: [openpgp] Default preferences for the future

"Mark D. Baushke" <mdb@juniper.net> Tue, 21 March 2017 13:21 UTC

Received-SPF: SoftFail (protection.outlook.com: domain of transitioning juniper.net discourages use of 66.129.239.18 as permitted sender)
To: Ryru <ryru@addere.ch>, openpgp@ietf.org
In-Reply-To: <87pohbm5or.fsf@wheatstone.g10code.de>
References: <3b89c96a-0bb6-cd09-cbf7-1f9e26f04bd6@addere.ch> <52027.1490051694@eng-mail01.juniper.net> <87pohbm5or.fsf@wheatstone.g10code.de>
Comments: In-reply-to: Werner Koch <wk@gnupg.org> message dated "Tue, 21 Mar 2017 08:48:04 +0100."
From: "Mark D. Baushke" <mdb@juniper.net>
Date: Tue, 21 Mar 2017 06:20:55 -0700
Message-ID: <78804.1490102455@eng-mail01.juniper.net>
Sender: mdb@juniper.net
MIME-Version: 1.0
Content-Type: text/plain
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Mar 2017 13:21:31.3129 (UTC)
X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bea78b3c-4cdb-4130-854a-1d193232e5f4; Ip=[66.129.239.18]; Helo=[p-emfe01a-sac.jnpr.net]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1PR05MB313
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/k-N01F6LFThqN4arLe6IXgW_FQM>
Subject: Re: [openpgp] Default preferences for the future
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Mar 2017 13:21:42 -0000

Werner Koch <wk@gnupg.org> writes:

> On Tue, 21 Mar 2017 00:14, mdb@juniper.net said:
> > As an editorial remark, it would be nice if rfc4880bis were to use
> > a consistent representation for the secure hash algorithm families.
> > SHA1 is sometimes written as SHA1 and sometimes written as SHA-1.
> 
> Thanks for this suggestion which I pushed right now.

Thank you.

> I have not yet looked at your other change requests, though.

Mostly I was trying to hit the SHA-1 to transition to SHA2-256.

I think TripleDES needs to go from a MUST to a SHOULD algorithm.

I think AES128 needs to be a MUST algoirthm.

I think that RIPEMD160 needs to be a SHOULD NOT algorithm.

I think that AES256 needs to be a SHOULD algorithm.

> Except for this:
> 
> > 14.3.2.  {13.3.2} Hash Algorithm Preferences
> 
> >    Since SHA256 is the MUST-implement hash algorithm, if it is not
> 
> I changed this from "SHA-1" to "SHA2-256".

Good.

Being consistent and clear is important.

	-- Mark

[openpgp] Default preferences for the future Ryru
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Werner Koch
Re: [openpgp] Default preferences for the future Werner Koch
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Robert J. Hansen
Re: [openpgp] Default preferences for the future HANSEN, TONY L
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Robert J. Hansen
Re: [openpgp] Default preferences for the future Robert J. Hansen
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Werner Koch
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Werner Koch